Design and Implementation of USB Key System Based on Dual-Factor Identity Authentication Protocol
Download PDF
$currentUrl="http://$_SERVER[HTTP_HOST]$_SERVER[REQUEST_URI]"

Keywords

Information security
USB Key
Impact/response authentication
Static password authentication

DOI

10.26689/jera.v8i5.8398

Submitted : 2024-09-15
Accepted : 2024-09-30
Published : 2024-10-15

Abstract

With the increasing demand for information security, traditional single-factor authentication technology can no longer meet security requirements. To this end, this paper proposes a Universal Serial Bus (USB) Key hardware and software system based on a two-factor authentication protocol, aiming to improve the security and reliability of authentication. This paper first analyzes the current status and technical principles of USB Key-related research domestically and internationally and designs a two-factor authentication protocol that combines impact/response authentication and static password authentication. The system consists of a host computer and a USB Key device. The host computer interacts with the USB Key through a graphical user interface. The Secure Hash Algorithm 1 (SHA-1) and MySQL database are used to implement the authentication function. Experimental results show that the designed two-factor authentication protocol can effectively prevent replay attacks and information tampering, and improve the security of authentication. If the corresponding USB Key is not inserted, the system will prompt that the device is not found. Once the USB Key is inserted, user identity is confirmed through two-factor verification, which includes impact/response authentication and static password authentication.

References

Idrus SZS, Cherrier E, Rosenberger C, Schwartzmann JJ, 2013, A Review on Authentication Methods. Australian Journal of Basic and Applied Sciences, 7(5): 95–107.

Joyce R, Gupta G, 1990, Identity Authentication Based on Keystroke Latencies. Communications of the ACM, 33(2): 168–176.

Wu X, Xu J, Wang J, et al., 2019, Identity Authentication on Mobile Devices Using Face Verification and ID Image Recognition. Procedia Computer Science, 162: 932–9.

Wu Y, Deng L, Xiao D, et al., 2007, A Two-Factor Identity Authentication and Key Exchange Protocol Based on USB Key. Computer Engineering and Science, 29(5): 56–59.

Liu W, Hu J, Liu Y, 2008, Design and Implementation of a Transparent Encryption and Decryption File System Based on USB Key. Computer Science, 35(11): 100–103.

Yu Q, Nan Y, Shi W, 2011, Design of Online Banking Identity Authentication Based on USB Key and Fingerprint Recognition. Science and Technology Communication, 2011(5): 219–221.

Wang S, Chang Z, Wei Y, 2014, USB Key Identity Authentication Scheme Based on Cloud Computing. Computer Applications Research, 31(7): 2130–2134.

Wu P, Cai Q, Wang Q, et al., 2021, Building a Secure Video Conference System with Customized Cryptographic USB Keys. ICC 2021–IEEE International Conference on Communications.

Yang X, Liu W, 2024, Research on Mainstream Security Authentication and Authorization Technology: OAuth2.0. Network Security Technology and Application, 2024(04): 9–12.

Zhou G, 2003, Research on Two-Factor Authentication Technology. Electronics Technology, 2003(22): 37–38, 41.