An Analysis of Server-Side Design for Seed-Based Mobile Authentication

Abstract

With the growing popularity of mobile apps, the security issues of mobile apps become critical. Similar to traditional cyber security, mobile security includes authentication, data integrity, and data privacy. Seed-based authentication is a novel approach for mobile systems. The key idea is to extract seeds from files such as images and generate random numbers for authentication. However, in seed-based authentication, the server side design is different from traditional username-password paradigm. Few work has been done to address server-side issues on seed-based authentication. In this paper, we focus on analyzing server-side design of seed-based authentication. We develop a prototype system and set up experiments to evaluate our server-side design.