Abstract
Financial transaction through smart mobile devices is an attractive feature in today’s modern wireless network era. Despite having various advantages, privacy and security are always challenging in such services. A novel hybrid security scheme based on physical layer signature and cryptography has been proposed to provide a secured authentication scheme preserving user’s privacy, for the application of mobile payments. This scheme provides two levels of authentication, privacy preserving location authentication and device authentication. User’s privacy is preserved by encrypting the identity of the user by physical layer encryption based on user’s location. Physical layer signatures such as channel state information and carrier frequency offset are used for physical layer encryption. In conventional techniques, Media Access Control (MAC) address is used for initial authentication and they are shared without encryption. In this proposed technique, MAC is encrypted using the secret key derived from physical layer signatures using Singular Value Decomposition (SVD) to preserve privacy. Since secret key, generated using SVD, is location specific and varies with respect to the location, it is used for the location authentication. User authentication, required for mobile payment, is realised using asymmetric key cryptography technique. Since, physical layer security is used for privacy preserving location authentication in addition to the conventional cryptographic methods, the proposed method provides significant improvement in the security. The performance of the proposed method has been analysed in terms of information leakage to adversary, bit error rate performance, and transaction time in comparison with existing method which uses cryptography and provides only device authentication for mobile payment. The proposed technique gives better performance than existing technique in terms of privacy and authentication for mobile payment.
Similar content being viewed by others
References
Fan K, Li H, Jiang W, Xiao C, Yang Y. Secure authentication protocol for mobile payment. Tsinghua Sci Technol. 2018;23:610–20.
Banaeian Far S, Alagheband MR. Analysis and improvement of a lightweight anonymous authentication protocol for mobile pay-TV systems, presented at the 9th international symposium on telecommunications (IST), Iran, 2018; 466–73
Parikh S, Dave D, Patel R, Doshi N. Security and privacy issues in cloud, fog and edge computing. Proced Comput Sci. 2019;160:734–9.
Kaur K, Garg S, Kaddoum G, Guizani M, Nalin D, Jayakody K. A lightweight and privacy-preserving authentication protocol for mobile edge computing, presented at the IEEE global communications conference, Waikoloa, HI, USA, 2019; pp 1–6
Hazazi M, Tian Y, Al-Rodhaan M. Privacy-preserving authentication scheme for wireless networks. In Proc. 21st Saudi computer society national computer conference, Riyadh, 2018; pp. 1–6.
Chen Y, Xu W, Peng L, Zhang H. Light-weight and privacy-preserving authentication protocol for mobile payments in the context of IoT”. IEEE Access. 2019;7:15210–21.
Sun L, Du Q. A review of physical layer security techniques for internet of things: challenges and solutions. Entropy. 2018;20:730.
Lavanya R, Gunaseelan V. Physical layer security using an adaptive modulation scheme for improved confidentiality. IET Commun. 2019;13:3383–90.
Sharma V, You I, Andersson K, Palmieri F, Rehmani MH. Security, privacy and trust for smart mobile-internet of things (M-IoT): a survey. IEEE Access. 2020;08:167123–63.
Wang S, Wang J, Zhengtao Yu. Privacy-preserving authentication in wireless IoT: applications, approaches, and challenges. IEEE Wirel Commun. 2018;25:60–7.
Wu K, Xiao J, Yi Y, Chen D, Luo X, Ni LM. CSI based indoor localisation. IEEE Trans Parallel Distrib Syst. 2013;24:1300–9.
Xiong J, Jamieson K. Array track: a fine grained indoor location system. Proc USENIX Symp Netw Syst Des Implement. 2013;1:71–84.
Chang NB, Liu M. Optimal channel probing and transmission scheduling in a multichannel system. In: Proc ACM MobiCom, 2007; pp 27–38
Zhang L, Ding A, Fei Y, Luo P. A unified metric for quantifying information leakage of cryptographic devices under power analysis attacks. In: Proc international conference on the theory and application of cryptology and information security, 2015; pp 338–60
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
This article is part of the topical collection “Cyber Security and Privacy in Communication Networks” guest edited by Rajiv Misra, R K Shyamsunder, Alexiei Dingli, Natalie Denk, Omer Rana, Alexander Pfeiffer, Ashok Patel and Nishtha Kesswani.
Rights and permissions
About this article
Cite this article
Lavanya, D.L., Ramaprabha, R., Thangapandian, B. et al. Novel Privacy Preserving Authentication Scheme Based on Physical Layer Signatures for Mobile Payments. SN COMPUT. SCI. 2, 119 (2021). https://doi.org/10.1007/s42979-021-00509-8
Received:
Accepted:
Published:
DOI: https://doi.org/10.1007/s42979-021-00509-8