Loading [a11y]/accessibility-menu.js
A Scalable Transitive Human-Verifiable Authentication Protocol for Mobile Devices | IEEE Journals & Magazine | IEEE Xplore

A Scalable Transitive Human-Verifiable Authentication Protocol for Mobile Devices


Abstract:

The man-in-the-middle (MITM) attack is the major threat for handheld devices to agree on a session key in which they do not share any prior secret in advance, even if the...Show More

Abstract:

The man-in-the-middle (MITM) attack is the major threat for handheld devices to agree on a session key in which they do not share any prior secret in advance, even if these devices are physically located in the same place. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices' screens, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unscalable to more users. Even when there are only three entities attempting to agree on a session key, these protocols need to be rerun three times. In this paper, we present a bipartite and a tripartite authentication protocol using a temporary confidential channel. Besides, we further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. In addition, we provide a formal proof to our protocol to demonstrate our scheme is indeed secure. We also implement the prototype of the system on a mobile phone with satisfying performance.
Published in: IEEE Transactions on Information Forensics and Security ( Volume: 8, Issue: 8, August 2013)
Page(s): 1318 - 1330
Date of Publication: 19 June 2013

ISSN Information:


References

References is not available for this document.