Anonymous Two-Factor Authentication in Distributed Systems: Certain Goals Are Beyond Attainment
Despite two decades of intensive research, it remains a challenge to design a practical anonymous two-factor authentication scheme, because designers are confronted with an impressive list of security requirements and desirable attributes. Numerous solutions have been proposed, yet most of them are soon found either unable to satisfy some critical security requirements or short of a few important features. To overcome this unsatisfactory situation, researchers often work around it in hopes of a new proposal, while paying little attention to the fundamental question: are there inherent limitations that prevent us from designing an "ideal" scheme that satisfies all the desirable goals? This work provides a definite answer to this question. It first revisits two foremost proposals, i.e., Tsai et al.'s scheme and Li's scheme, revealing some subtleties and challenges in designing such schemes. It then systematically explores the inherent conflicts and unavoidable trade-offs among the design criteria. To the best of the authors' knowledge, the present study makes the first step towards understanding the underlying evaluation metric for anonymous two-factor authentication, which will facilitate better design of anonymous two-factor protocols that offer acceptable trade-offs among usability, security and privacy.