Research On Data Protection Scheme Based On Secret Sharing And Multi-Factor Authentication

Posted on: 2024-07-04
Degree: Master
Type: Thesis
Country: China
Candidate: J H Yi
GTID: 2568307076492944
Subject: Software engineering

Abstract/Summary:
With the rapid development of cloud technology, a large amount of data is stored in the cloud. In this context, data protection is particularly critical. To ensure data security, it is usually necessary to encrypt private data before uploading it to the cloud, and the core of encryption is protecting the key. Secure storage of the key has therefore become a central issue in data protection. Secret sharing divides the key into multiple shares and distributes them across different devices, which enhances the security of the key; multi-factor authentication combines multiple verification methods, greatly enhancing the reliability of user identity verification. Given these advantages, many data protection schemes treat secret sharing and multi-factor authentication as key technologies. This paper studies data protection schemes based on secret sharing and multi-factor authentication. The main contributions of this paper are as follows:

(1) We give a security analysis of the data protection scheme based on secret sharing and multi-factor authentication proposed by Hu et al. The analysis shows that their scheme has several critical security vulnerabilities: it cannot resist offline guessing attacks, replay attacks, or denial-of-service attacks, and it does not consider the risk of laptop and smart card tampering. In addition, their scheme is unable to detect erroneous messages transmitted by malicious servers, which could lead to the reconstruction of erroneous keys.

(2) To solve the security vulnerabilities of Hu et al.'s scheme, we propose an improved data protection scheme based on secret sharing and multi-factor authentication. Our scheme uses random numbers to resist offline guessing attacks, introduces timestamps to resist denial-of-service attacks and replay attacks, and employs a message authentication code and a robust fuzzy extractor to detect tampering with laptops and smart cards as well as malicious servers. Security analysis using BAN logic and the AVISPA simulation verification tool proves that our scheme can effectively solve the security vulnerabilities of Hu et al.'s scheme.

(3) The performance analysis reveals that the scheme in (2) has low efficiency. This paper therefore further proposes a more efficient data protection scheme based on secret sharing and multi-factor authentication, using an optimized authentication method to improve execution efficiency. This scheme is more practical in large-scale data protection scenarios.

(4) Based on the data protection scheme proposed in (2), this paper implements a data protection system in Python and provides a concrete system design.
Keywords/Search Tags: Secret sharing, multi-factor authentication, data protection scheme, BAN logic