Token-based authentication for smartphones

2013 International Conference on Data Communication Networking (DCNET) Pub Date : 2013-07-29 DOI:10.5220/0004520000510056

Manuel Koschuch, Matthias Hudler, H. Eigner, Zsolt Saffer

{"title":"Token-based authentication for smartphones","authors":"Manuel Koschuch, Matthias Hudler, H. Eigner, Zsolt Saffer","doi":"10.5220/0004520000510056","DOIUrl":null,"url":null,"abstract":"Due to short - but frequent - sessions of smartphone usage, the fast and easy usability of authentication mechanisms in this special environment has a big impact on user acceptance. In this work we propose a user-friendly alternative to common authentication methods (like PINs and patterns). The advantages of the proposed method are its security, fastness, and easy usage, requiring minimal user interaction compared to other authentication techniques currently used on smartphones. The mechanism described uses the presence of a Bluetooth-connected hardware-token to authenticate the user and can easily be implemented on current smartphones. It is based on an authentication protocol which meets the requirements on energy efficiency and limited resources by optimizing the communication effort. A prototype was implemented on an Android smartphone and an MSP430 based MCU. The token allows fast authentication without the need for additional user action. The entire authentication process can be completed in less than one second, the developed software prototype requires no soft- or hardware modifications (like rooting) of the Android phone.","PeriodicalId":430947,"journal":{"name":"2013 International Conference on Data Communication Networking (DCNET)","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-07-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2013 International Conference on Data Communication Networking (DCNET)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0004520000510056","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

Abstract

Due to short - but frequent - sessions of smartphone usage, the fast and easy usability of authentication mechanisms in this special environment has a big impact on user acceptance. In this work we propose a user-friendly alternative to common authentication methods (like PINs and patterns). The advantages of the proposed method are its security, fastness, and easy usage, requiring minimal user interaction compared to other authentication techniques currently used on smartphones. The mechanism described uses the presence of a Bluetooth-connected hardware-token to authenticate the user and can easily be implemented on current smartphones. It is based on an authentication protocol which meets the requirements on energy efficiency and limited resources by optimizing the communication effort. A prototype was implemented on an Android smartphone and an MSP430 based MCU. The token allows fast authentication without the need for additional user action. The entire authentication process can be completed in less than one second, the developed software prototype requires no soft- or hardware modifications (like rooting) of the Android phone.

查看原文本刊更多论文

智能手机的基于令牌的身份验证

由于智能手机的使用时间短但频率高，在这种特殊环境下，认证机制的快速和简单可用性对用户的接受程度有很大影响。在这项工作中，我们提出了一种用户友好的替代常用身份验证方法(如pin和模式)。与目前智能手机上使用的其他身份验证技术相比，该方法的优点是安全、快速和易于使用，需要最少的用户交互。所描述的机制使用蓝牙连接的硬件令牌来验证用户，并且可以很容易地在当前的智能手机上实现。它基于一种认证协议，通过优化通信工作量来满足能源效率和有限资源的要求。在Android智能手机和基于MSP430的单片机上实现了原型。令牌允许快速身份验证，而不需要额外的用户操作。整个认证过程可以在不到一秒的时间内完成，开发的软件原型不需要对Android手机进行软或硬件修改(如生根)。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2013 International Conference on Data Communication Networking (DCNET)

自引率

0.00%

发文量