A Multiphase Zero-Trust Authentication Framework Using Replicated and Homomorphic Encryption
Department of Computing and Informatics, Botswana International University of Science and Technology, Palapye, Botswana
Abstract
In response to the increasing complexity and vulnerability of traditional authentication techniques, this paper proposes the Multiphase Zero-Trust Authentication Framework (MZTAF), which combines device-level and user-level authentication to enhance security in zero-trust environments. Phase I leverages replicated key-based authentication to ensure fault tolerance and reduce the risk of device-level compromise. Phase II introduces homomorphic encryption for user authentication, securely verifying identity, context, and behaviour without exposing sensitive data. This multiphase authentication approach provides a robust, scalable, and privacy-preserving solution, offering continuous verification in dynamic environments. Experimental results demonstrate the framework's effectiveness, achieving a 94% success rate in device authentication and a 95% success rate in user authentication, outperforming core mechanisms such as Replicated Key Authentication, Threat-Based ZTA with MITRE Mapping, Blockchain-Based Distributed Authentication, and MFA-ZTA, which achieved 89%, 91%, 92%, and 88%, respectively. The framework also incorporates dynamic access control, adjusting permissions based on the outcomes of the authentication phases and ensuring flexible and granular access management. MZTAF offers a significant advancement in securing modern networks against emerging threats.
DOI: https://doi.org/10.3844/jcssp.2026.475.486
Copyright: © 2026 Modisaotsile Marope, Venumadhav Kuthadi, Rajalakshmi Selvaraj, Thabo Semong and Tshiamo Sigwele. This is an open access article distributed under the terms of the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.
Keywords
- Device Authentication
- Homomorphic Encryption
- Replica Keys
- User Authentication
- Zero-Trust