TWO-FACTOR AUTHENTICATION PROTOCOL IN ACCESS CONTROL SYSTEMS

Background. To ensure the protection of the biometric access control system used in unsecured communication channels, it is necessary to exclude the storage and transfer, transfer of biometric data as well as sequences generated on their basis. The paper proposes a cryptographic protocol of two-factor authentication with the zero-knowledge over the extended field GF(2m) on elliptic curves using biometric data and the private key of the user. Objective. The aim of the article is to develop a cryptographic protocol for zero-knowledge two-factor authentication based on elliptic curves using biometric data and the user’s private key, which allows increasing cryptographic strength and reducing the duration of the authentication process. Methods. The process of implementing zero-knowledge proof protocols is as follows: one user (proofer) can convince another user (verifier) that he has some secret without disclosing the secret itself. Results. A cryptographic protocol for two-factor authentication with zero-knowledge over the extended field GF(2m) of elliptic curves using user biometric data is proposed, which significantly reduces the size of the protocol parameters and increases cryptographic strength (computational complexity of the breaking). There is no leakage of private key information and biometric data of the user during the execution of the zero-knowledge proof protocol. Conclusions. The implementation of a cryptographic protocol with zero-knowledge proof two-factor authentication based on elliptic curves allows significantly reducing the size of protocol parameters and increasing the cryptographic strength (computational complexity of the breaking).