YAO Lin,FAN Qing-na,KONG Xiang-wei

DOI: https://doi.org/10.3778/j.issn.1002-8331.2010.32.030

2010-01-01

Abstract:Pervasive computing raises new challenges to the security and privacy of the Internet communication,and conventional authentication protocols cannot meet the requirements of this new pervasive environment.A novel mutual authentication and key establishment scheme to secure the interactions between mobile users and service providers is proposed.Highly integrating biometric encryption and the Diffie-Hellman key exchange,the proposed protocol achieves mutual authentication without revealing any privacy information of the user.Secure session key establishment is enabled by the proposed algorithm.Differentiated service access control is also achieved with the biometric encryption.It is shown that the protocol can resist most of the attacks,especially the denial of service attack.

V Mora-Afonso,Pino Caballero-Gil

DOI: https://doi.org/10.1007/978-3-319-01854-6_54

2022-08-13

Abstract:This work includes a review of two cases study of mobile applications that use Identity-Based Cryptography (IBC) to protect communications. It also describes a proposal of a new mobile application that combines the use of IBC for Wi-Fi or Bluetooth communication between smartphones, with the promising Near Field Communication (NFC) technology for secure authentication. The proposed scheme involves NFC pairing to establish as public key a piece of information linked to the device, such as the phone number, so that this information is then used in an IBC scheme for peer-to-peer communication. This is a work in progress, so the implementation of a prototype based on smartphones is still being improved.

Cryptography and Security

Mohamed Abid,Songbo Song,Hassnaa Moustafa,Hossam Afifi

DOI: https://doi.org/10.48550/arXiv.1004.0762

2010-04-06

Abstract:Nowadays, the IP Multimedia Subsystem (IMS) is a promising research field. Many ongoing works related to the security and the performances of its employment are presented to the research community. Although, the security and data privacy aspects are very important in the IMS global objectives, they observe little attention so far. Secure access to multimedia services is based on SIP and HTTP digest on top of IMS architecture. The standard deploys AKA-MD5 for the terminal authentication. The third Generation Partnership Project (3GPP) provided Generic Bootstrapping Architecture (GBA) to authenticate the subscriber before accessing multimedia services over HTTP. In this paper, we propose a new IMS Service Authentication scheme using Identity Based cryptography (IBC). This new scheme will lead to better performances when there are simultaneous authentication requests using Identity-based Batch Verification. We analyzed the security of our new protocol and we presented a performance evaluation of its cryptographic operations

Cryptography and Security,Multimedia

CHEN Wei,LONG Xiang,GAO Xiao-Peng

DOI: https://doi.org/10.1360/jos161617

2005-01-01

Abstract:In the rapidly expanding mobile environment, authenticity of communicating parties is one of the big research challenges and is receiving increasing attention. In the Mobile IPv6 defined by IETF (Internet engineering task force), IPSec (IP security) protocols and RR (return routability) mechanism are used to protect signaling between related communicating nodes, however, how to realize identity authentication has not been efficiently solved. In this paper, the advantages and disadvantages of two authentication techniques?certificate-based authentication and identity-based authentication are analyzed. The scalability of certificate-based means is excellent, but the deployment of PKI (public key infrastructure) and the distribution of certificates make this method costly. On the contrary, identity-based method hurdles the deficiency of certificate-based means, nevertheless the scalability suffers from the share of parameters among related nodes. Then an approach of integrating the two methods mentioned above is proposed to realize a secure and fast authentication with low cost and high scalability. Finally, this hybrid technique is applied in Mobile IPv6 to improve the negotiation of SA (security association), and the security issues are discussed.

Donghong Sun,Wu Liu,Ping Ren,Dongbin Sun

DOI: https://doi.org/10.1109/ctc.2012.10

2012-01-01

Abstract:The proliferations of the mobile intelligent terminal have brought them to the spotlight of the attackers for the sensitive information they carried. However, the current security schemes on the mobile intelligent terminal are fragile. This paper proposed a new transparent authentication and encryption measure to protect the confidentiality and integrity of the data on the mobile intelligent terminal. Our method is user-friendly as no interaction is needed during the process. Also, the result can be applied as evidence to identify who have used the phone.

V Mora-Afonso,Pino Caballero-Gil,Jezabel Molina-Gil

DOI: https://doi.org/10.48550/arXiv.2208.03541

2022-08-06

Cryptography and Security

Abstract:The rapid deployment of wireless technologies has given rise to the current situation where mobile phones and other wireless devices have become essential elements in all types of activities, including in the home. In particular, smartphones and laptops are used for wirelessly sharing photos and documents, playing games, browsing websites, and viewing multimedia, for example. This work describes a proposal for both desktop and mobile applications that use Identity-Based Cryptography (IBC) to protect communications between smart wireless devices in the home. It combines the use of IBC for Wi-Fi and Bluetooth communication, with the promising Near Field Communication (NFC) technology for secure authentication. The proposed scheme involves NFC pairing to establish as public key a piece of information linked to the device, such as a phone number or an IP address. In this way, such information can be then used in an IBC scheme for peer-to-peer communication. This is a work in progress, but preliminary implementations of prototypes on several mobile platforms have already produced promising results.

Ning Sun,Tao Li,Gongfei Song,Haoran Xia

DOI: https://doi.org/10.1155/2021/6676946

2021-03-24

Mobile Information Systems

Abstract:In the process of implementing the Internet of Things, the object itself has identity information and identification equipment and encounters difficulties in communication security during the process of entering the network communication. Just like the Internet and wireless sensor networks, there are security issues in information transmission. Therefore, it is of great significance to study the mobile Internet of Things network security technology depression to protect the communication information in the mobile Internet of Things. This paper mainly studies the network security technology of intelligent information terminal based on mobile Internet of Things. This article will analyze and compare the mainstream encryption algorithms of the current mobile Internet and choose a safer and more secure HASH algorithm. We study the flow of key management, key generation, key distribution, verification key distribution, key update, key storage, key backup, and key validity time setting for mobile Internet of Things, using an existing identity cryptosystem. Based on encryption, the design technology of key management and authentication in this paper is improved. Compared with other methods, the storage consumption of this method on GWN is relatively medium. In the initial stage, the storage is 32 bytes, then in registration stage 1, it reaches 84 bytes, in registration stage 2, it is 82 bytes, and then, in the login authentication phase, the number of bytes rose and reached 356 bytes in authentication phase 3. Experimental results show that this protocol has certain advantages in ensuring safety performance.

computer science, information systems,telecommunications

ZHANG Xiao-wei,ZHANG Gui-dong,SHEN Yong-jun

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2009.12.043

2009-01-01

Abstract:As the first defense line of secure application system, the identity authentication is the most important secure service. By analyzing disadvantages of username/password and one-time password, and the threat of malware, we proposed a double factor authentication system based on mobile terminal. Analyzing and testing of the prototype system indicated that the system can resolve problems such as password guess, small integer attack, password leak brought by malware, etc, and have well running efficiency.

ZHANG Xiaolin,GU Dawu,ZHANG Chi

DOI: https://doi.org/10.11959/j.issn.2096-109x.2020081

2020-01-01

Abstract:Recent studies have shown that attacks against USIM card are increasing, and an attacker can use the cloned USIM card to bypass the identity verification process in some applications and thereby get the unauthorized access. Considering the USIM card being cloned easily even under 5G network, the identity verification process of the popular mobile applications over mobile platform was analyzed. The application behaviors were profiled while users were logging in, resetting password, and performing sensitive operations, thereby the tree model of application authentication was summarized. On this basis, 58 popular applications in 7 categories were tested including social communication, healthcare, etc. It found that 29 of them only need SMS verification codes to get authenticated and obtain permissions. To address this issue, two-step authentication was suggested and USIM anti-counterfeiting was applied to assist the authentication process.

Xinman Zhang,Jiayu Zhang,Tingting He,Yiyu Chen,Yuanjun Shen,Xuebin Xu

DOI: https://doi.org/10.1145/3301551.3301600

2018-01-01

Abstract:In the modern era of rapid development of information technology and mobile Internet, mobile terminals represented by Android smart phones are applied to various fields of life, and the number of users is far more than that of traditional PC terminals. Mobile financial applications marked by mobile banking and mobile payment have higher access control requirements, while traditional text passwords, dynamic passwords and verification codes have hidden dangers of being stolen and copied. How to apply biometrics to mobile identity authentication with high security requirements has become a hot issue for scholars all over the world. Lip reading and speech biometrics are studied in this paper, and a multi-biometric fusion authentication system based on both on Android smart phone platform is developed.

张亮,刘建伟

DOI: https://doi.org/10.3969/j.issn.1002-0802.2009.01.091

2009-01-01

Abstract:With the improvement of wireless network, there are increasing users wirelessly accessing the Internet through mobile phones. So it is very important to solve the identity authentication problems of wireless access users. Dynamic password has become the new development trend for the Identity Authentication mechanism. It offers stronger security than the static password. In this article, a dynamic password authentication protocol based on callenge/rsponse mechanism is designed. According to this protocol, a dynamic password identity authentication system based on mobile phone token is designed. The composition and authentication processes of this system are described in detail, and its security is analyzed as wel1. The analysis indicates that this system features high security and wide application. It can be conveniently used and implemented in low cost.

Jie CHEN,Hong WEN,Song-lin CHEN,Wen-jie LIU,Jin-ling ZHANG

DOI: https://doi.org/10.3969/j.issn.1002-0802.2017.12.025

2017-01-01

Abstract:In the era of 5G, a large number of wireless terminal devices connected to the Internet of things are connected to the network. The openness of the wireless network makes it vulnerable to various attacks. Authentication is usually the first line of defense for secure communications to identify the identity and message authenticity of the sender and receiver. At present, there are several problems in the authentication of communication systems: The traditional password based authentication is not suitable for lightweight devices, and cannot be used in the Internet of things terminal on a large scale. Many authentication mechanisms are usually single and do not apply to mobile terminals. In view of the above problems, a cooperative identity detection mechanism for mobile terminals in the Internet of things is proposed. Specifically, physical layer authentication is suitable for lightweight devices, and combines the authentication mechanism based on radio frequency fingerprint and channel information to authenticate the identity and data of mobile terminals, aiming to achieve lightweight, safer and wider range of authentication.

Zhi Li,Qibin Sun,Yong Lian,D. D. Giusto

DOI: https://doi.org/10.1007/11538356_78

2005-01-01

Abstract:Motivated by the need for designing secure and user-friendly authentication method for mobile devices, we present a novel image-based authentication (IBA) scheme in this paper. Its mnemonics efficacy rests on the human cognitive ability of association-based memorization. To tackle the shoulder-surfing attack issue, an interactive authentication process is presented. System performance analysis and comparisons with other schemes are presented to support our proposals.

Kai Xi,Tohari Ahmad,Fengling Han,Jiankun Hu

DOI: https://doi.org/10.1002/sec.225

IF: 1.968

2011-01-01

Security and Communication Networks

Abstract:With fast evolution of mobile devices and mobile network, the need of protecting user sensitive information locally and performing secure user authentication remotely become evermore increasing. Bio-cryptography is emerging as a powerful solution which can combine the advantages of conventional cryptography and biometric security. In this paper, we present an efficient bio-cryptographic security protocol designed for client/server authentication in current mobile computing environment, with a reasonable assumption that server is secure. In this protocol, fingerprint biometric is used in user verification, protected by a computationally efficient Public Key Infrastructure (PKI) scheme, Elliptic Curve Cryptography (ECC). The genuine fingerprint information is hidden in the feature vault which is the mixture of genuine and chaff features. Fingerprint features are not only used for biometric verification but also for cryptographic key generation. Our security analysis shows that the proposed protocol can provide a secure and trustworthy authentication of remote mobile users over insecure network. Experimental results on public domain database show an acceptable verification performance. We also tested the computational costs and efficiency of our protocol on the CLDC emulator using Java ME (previous J2ME) programming technology. The simulation results prove that the proposed protocol suits current mobile environment. Copyright (C) 2010 John Wiley & Sons, Ltd.

Xi Li,Hanping Hu,Yì Wáng,Maocai Wang

2008-01-01

Abstract:At present the security of mobile services cannot be satisfied with the special requirements of mobile payment. Then the paper proposes a mobile terminal using the payment protocol and the security scheme to construct the mobile payment. With the character of generating keys from identity itself, furthermore, the scheme uses the efficient identity-based signature from tate pairings in smart card instead of digital certificate mechanism because the distribution and the management of digital certificate are not easy in wireless networks. The proposed signature scheme is simple, efficient so that it will be suitable for an environment of finite bandwidth of wireless networks and low-capability equipment. Security and performance analysis show that the proposed mobile terminal not only protects the data security but also reduces the time consuming and the costs.

Jun-jun Wu,Ming-wei Fang,Xinfang Zhang,Tongyang Wang

DOI: https://doi.org/10.4304/jnw.7.9.1341-1348

2012-01-01

Journal of Networks

Abstract:Technologies make the mobile terminals such as smart phones, PDAs and handsets much more powerful to access mobile network in recent years. Especially with the widely use of mobile terminals, mobile network now becomes a primary tool for daily and business interactions. However, the proliferation of mobile terminals also draws mobile malware’s attention which will do damage to the mobile terminal and further affect the security of mobile network. But the traditional access control and authentication mechanism cannot resolve such security issues. On the basis of trusted computing technology, we proposed a mobile trusted network architecture by extending the trusted network connection in mobile environment. And an improvement EAP-EHash method is used in the proposed architecture to implement authentication. We defined two service scenarios in the authentication scheme, home network authentication and roaming network authentication. The process of each scenario is described in detail. By introducing the pseudonym mechanism, our scheme can protect user identity. And the connection status not only depends on the identification process, but also the trust status of the platform. The analysis shows that our scheme benefits the properties of user identity anonymity, mutual authentication, fake agent resistance, platform integrity verification, EAP and TNC Compatible. And the ciphersuite negotiation makes our scheme more suitable for resource limited mobile terminals.

Minglei Shu,Chengxiang Tan,Haihang Wang

DOI: https://doi.org/10.1109/ssme.2009.43

2009-01-01

Abstract:Identity authentication is the first line of defense in the security application system to access the mobile network resources. However, as the means of attacking become variety, new requirements have been brought forward for the technology of identity authentication. To improve performance of mobile authentication, this paper presents a novel mobile authentication scheme, which transmits message encrypted with digital certificate to implement authentication between the mobile phone and the server. Theoretical analysis and experiments indicate the scheme satisfies security, non-repudiation and mutual authentication.

Zhi Guan,Zhen Cao,Xuan Zhao,Ruichuan Chen,Zhong Chen,Xianghao Nan

DOI: https://doi.org/10.1109/ICDCS.2008.24

2008-01-01

Abstract:The growing popularity of web applications in the last few years has led users to give the management of their data to online application providers, which will endanger the security and privacy of the users. In this paper, we present WebIBC, which integrates public key cryptography into web applications without any browser plugins. The public key of WebIBC is provided by identity based cryptography, eliminating the need of public key and certificate online retrieval; the private key is supplied by the fragment identifier of the URL inspired by BeamAuth. The implementation and performance evaluation demonstrate that WebIBC is secure and efficient both in theory and practice.

Zhen Huang,Xiaomei Zhang,Lei Wang,Zhengying Li

DOI: https://doi.org/10.1109/cisp-bmei.2017.8302103

2017-01-01

Abstract:With the popularity of the mobile terminals, identity authentication for the mobile terminal applications has become a key issue in protecting the security of the mobile terminal information. The voiceprint recognition technology has broad application prospects because of its flexible, economical and practical advantages. This paper describes the realization of the voiceprint identity authentication system for Android mobile terminal in detail, including the design of the voiceprint registration module and the design of the voiceprint recognition module. In order to solve the problem that the training sample data generalization ability is not high, this paper presents a training and recognition method of voiceprint model combined with stacking and cross validation. Finally, the performance of the system is tested. The experimental results show that the system has better authentication ability.

Jian Wang,Haihang Wang,Chengxiang Tan

2009-01-01

Journal of Computational Information Systems

Abstract:The wireless way that terminal devices connected to mobile networks communicate with fixed-IP networks brings serious hidden trouble to security. To ensure the security of mobile access, a mobile security access system (SMAS) based on IPSec VPN is designed and implemented. This system adopts multi-factor authentication mechanism based on both smart card and X. 509 certificates to meet security requirement, and adaptive VPN dial-up policy and hardware encryption card to improve system efficiency. Test results show that the system can ensure the communications security between mobile devices and fixed-IP networks perfectly with a high efficiency. Copyright © 2009 Binary Information Press.