An Efficient Mutual Authentication for Mobile Communication

Chen, Hsin-Yu

22 July 2005

Owing to the fast progress of mobile communication technologies and the ubiquity of mobile networks, users can communicate with each other anytime and anywhere as long as they carry their smart and tiny mobile phones. This convenient communication service is quite popular and gradually joins in the people¡¦s life. Nevertheless, lots of attacks, such as the men-in-the-middle attacks and the replay attacks, are seriously threatening the security of the mobile networks and affecting the quality of the service simultaneously. Many security mechanisms for mobile communication have been introduced in the literature. Among these mechanisms, authentication plays a very important role in the entire mobile network system and acts as the first defense against the attackers since it can ensure the correctness of the identities of communication entities before they engage in any other communication activities. Therefore, to guarantee the quality of this advanced service, an efficient (especially, user efficient) and secure authentication scheme is urgently desired. In this thesis, we will propose a robust authentication scheme for mobile communication systems. Not only does the proposed scheme achieve mutual authentication, but also it greatly reduces the computation and communication cost of mobile users as compared with the existing authentication schemes.

Authentication protocols

Secure communication

Information security

Symmetric cryptosystems

Mobile communication

Design, Testing and Implementation of a New Authentication Method Using Multiple Devices

Cetin, Cagri

01 January 2015

Authentication protocols are very common mechanisms to confirm the legitimacy of someone’s or something’s identity in digital and physical systems. This thesis presents a new and robust authentication method based on users’ multiple devices. Due to the popularity of mobile devices, users are becoming more likely to have more than one device (e.g., smartwatch, smartphone, laptop, tablet, smart-car, smart-ring, etc.). The authentication system presented here takes advantage of these multiple devices to implement authentication mechanisms. In particular, the system requires the devices to collaborate with each other in order for the authentication to succeed. This new authentication protocol is robust against theft-based attacks on single device; an attacker would need to steal multiple devices in order to compromise the authentication system. The new authentication protocol comprises an authenticator and at least two user devices, where the user devices are associated with each other. To perform an authentication on a user device, the user needs to respond a challenge by using his/her associated device. After describing how this authentication protocol works, this thesis will discuss three different versions of the protocol that have been implemented. In the first implementation, the authentication process is performed by using two smartphones. Also, as a challenge, a QR code is used. In the second implementation, instead of using a QR code, NFC technology is used for challenge transmission. In the last implementation, the usability with different platforms is exposed. Instead of using smartphones, a laptop computer and a smartphone combination is used. Furthermore, the authentication protocol has been verified by using an automated protocol-verification tool to check whether the protocol satisfies authenticity and secrecy properties. Finally, these implementations are tested and analyzed to demonstrate the performance variations over different versions of the protocol.

access control

Authentication protocols

mobile devices

security

verification

Computer Sciences

Weak and strong authentication in computer networks

Choi, Taehwan

22 February 2013

In this dissertation, we design and analyze five authentication protocols that answer to the a firmative the following fi ve questions associated with the authentication functions in computer networks. 1. The transport protocol HTTP is intended to be lightweight. In particular, the execution of applications on top of HTTP is intended to be relatively inexpensive and to take full advantage of the middle boxes in the Internet. To achieve this goal, HTTP does not provide any security guarantees, including any authentication of a server by its clients. This situation raises the following question. Is it possible to design a version of HTTP that is still lightweight and yet provides some security guarantees including the authentication of servers by their clients? 2. The authentication protocol in HTTPS, called TLS, allows a client to authenti- cate the server with which it is communicating. Unfortunately, this protocol is known to be vulnerable to human mistakes and Phishing attacks and Pharm- ing attacks. Is it possible to design a version of TLS that can successfully defend against human mistakes and Phishing attacks and Pharming attacks? 3. In both HTTP and HTTPS, a server can authenticate a client, with which it is communicating, using a standard password protocol. However, standard password protocols are vulnerable to the mistake of a client that uses the same password with multiple servers and to Phishing and Pharming attacks. Is it possible to design a password protocol that is resilient to client mistakes (of using the same password with multiple servers) and to Phishing and Pharming attacks? 4. Each sensor in a sensor network needs to store n - 1 symmetric keys for secure communication if the sensor network has n sensor nodes. The storage is constrained in the sensor network and the earlier approaches succeeded to reduce the number of keys, but failed to achieve secure communications in the face of eavesdropping, impersonation, and collusion. Is it possible to design a secure keying protocol for sensor networks, which is e fficient in terms of computation and storage? 5. Most authentication protocols, where one user authenticates a second user, are based on the assumption that the second user has an "identity", i.e. has a name that is (1) fi xed for a relatively long time, (2) unique, and (3) ap- proved by a central authority. Unfortunately, the adoption of user identities in a network does create some security holes in that network, most notably anonymity loss, identity theft, and misplaced trust. This situation raises the following question. Is it possible to design an authentication protocol where the protocol users have no identities? / text

Authentication

Authentication protocols

Server authentication

Client authentication

Integrity

HTTP

HTTPS

Password protocol

TLS

Anonymous authentication

Sensor networks

Keying protocol

Návrh autentizace uživatelů ve společnosti / Company User Authentication Proposal

Klaška, Patrik

January 2018

This thesis is focused on the creation of functional authentication process of users into computer network in company Wistron InfoComm s.r.o. and discusses issues related to this process. The main aim of the thesis is to implement a functional and simultaneously realistic solution based on the company's requirements as well as described problems associated with the implementation of this solution.