Traditional multi-factor authentication (MFA) schemes, despite their layered defences, have been compromised in several common vulnerabilities and exposures (CVEs) due to their sequential verification process, which allows adversaries to target individual identity factors in isolation. In this work, we propose a cryptographic framework that enhances the IdentiToken model by integrating deterministic homomorphic encryption inspired by the Paillier scheme. Our approach generates a structured token composed of encrypted sub-tokens, each representing either a stable or volatile element of a device’s identity. These tokens can be recomputed in real-time and compared for authentication without exposing raw attribute values. By leveraging the additive homomorphism, we quantify the degree of change in core attributes across sessions, enabling similarity-based identity verification. Beyond authentication, this token architecture supports a wide range of security applications, including real-time fingerprinting, zero-trust access control, anomaly detection and behavioural malware analysis.
Tripathi et al. (Thu,) studied this question.