Using Mobile Devices for User Authentication

Lach, Jacek

doi:10.1007/978-3-642-13861-4_27

Jacek Lach²

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 79))

Included in the following conference series:

International Conference on Computer Networks

1137 Accesses
1 Citations

Abstract

One of the most common methods of user authentication utilizes passwords. This technique is widely spread and well known. Its main drawback is that it stresses human memory to allow for successful authentication and still remains in the domain which is called weak authentication. This paper presents a solution to this problem by introducing a form of two factor authentication by utilization of smartphones. The idea of such system is presented as well as a sample implementation, called MOTH (an acronym for MObile auTHentication), which allows for user authentication. The discussion of the system’s security and its limitations is also presented.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

References

Bishop, M.: Computer Security. Art and Science. Addison-Wesley, Reading (2005)
Google Scholar
Menezes, A.J., Oorschot van, P.C., Vanstone, S.A.: Handbook of applied cryptography. CRC Press, Boca Raton (1997)
MATH Google Scholar
Morris, R., Thompson, K.: Password Security: A case history. Communications of the ACM 22(11), 594–597 (1979)
Article Google Scholar
Klein, D.V.: Foiling the Cracker: A Survey of, and Improvements to, Password Security. In: Proceedings of the second USENIX Workshop on Security, pp. 5–14 (1990)
Google Scholar
Manber, U.: A simple scheme to make passwords based on one-way functions much harder to crack. Computers and Security 15(2), 171–176 (1996)
Article MathSciNet Google Scholar
Yan, J.: A Note on Proactive Password Checking. In: Proceedings of 2001 ACM New Security Paradigms Workshop, New Mexico, USA (September 2001)
Google Scholar
Oprea, A., Balfanz, D., Durfee, G., Smetters, D.K.: Securing a remote terminal application with a mobile trusted device. In: Computer Security Applications Conference, pp. 438–447 (2004)
Google Scholar
Wu, M., Garfinkel, S., Miller, R.: Secure Web Authentication with Mobile Phones. In: DIMACS Workshop on Usable Privacy and Security Software (2004)
Google Scholar
NIST. Entity Authentication Using Public Key Cryptography. FIPS PUB 196, http://csrc.nist.gov/publications/fips/fips196/fips196.pdf

Download references

Author information

Authors and Affiliations

Silesian Technical University, Akademicka 16, 44-100, Gliwice, Poland
Jacek Lach

Authors

Jacek Lach
View author publications
You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

Institute of Informatics, Silesian University of Technology, Gliwice, Poland
Andrzej Kwiecień , Piotr Gaj & Piotr Stera , &

Rights and permissions

Reprints and permissions

Copyright information

About this paper

Cite this paper

Lach, J. (2010). Using Mobile Devices for User Authentication. In: Kwiecień, A., Gaj, P., Stera, P. (eds) Computer Networks. CN 2010. Communications in Computer and Information Science, vol 79. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13861-4_27

Download citation

DOI: https://doi.org/10.1007/978-3-642-13861-4_27
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13860-7
Online ISBN: 978-3-642-13861-4
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics