Abstract
Many authentication schemes are based on parties possessing cryptographic keys often held on smart cards or other tamper-proof devices. Modern portable devices (e.g. PDAs, Smartphones) are enriched with advanced functionalities and thus could soon become both the preferred portable computing device (thereby substituting laptop computers) and a personal trusted device. This paper presents a novel two-factor authentication scheme whereby a Bluetooth-enabled handheld device is used to enforce basic password-based authentication thus improving convenience and usability. The main building block is a simple and efficient two-party authentication protocol based on a shared string (including the case of low entropy human memorable passwords) and on well known cryptographic primitives. The discussion relates to the banking sector but our scheme is readily adaptable to other more general contexts.
Original language | English (US) |
---|---|
Title of host publication | 4th Annual International Conference on Mobile Business, ICMB 2005 |
Publisher | Institute of Electrical and Electronics Engineers Inc. |
Pages | 28-34 |
Number of pages | 7 |
ISBN (Print) | 0769523676 |
DOIs | |
State | Published - Jan 1 2005 |
Externally published | Yes |