A Secure Blockchain-based MFA Dynamic Mechanism

Authentication mechanisms attract considerable research interest due to the protective role they offer, and when they fail, the system becomes vulnerable and immediately exposed to attacks. Blockchain technology was recently incorporated to enhance authentication mechanisms through its inherited specifications that cover higher security requirements. This article proposes a dynamic multi-factor authentication (MFA) mechanism based on blockchain technology. The approach combines a honeytoken authentication method implemented with smart contracts and deploys the dynamic change of honeytokens for enhanced security. Two additional random numbers are inserted into the honeytoken within the smart contract to protect from potential attackers, forming a triad of values. The produced set is then imported into a dynamic hash algorithm that changes daily, introducing an additional layer of complexity and unpredictability. The honeytokens are securely transferred to the user through a dedicated and safe communication channel, ensuring the integrity and confidentiality of this critical authentication factor. Extensive evaluation and threat analysis of the proposed blockchain-based MFA dynamic mechanism (BMFA) demonstrate that it meets high-security standards and possesses essential properties that give prospects for future use in many domains.