Go anywhere: user-verifiable authentication over distance-free channel for mobile devices

Current mobile technology gives us ubiquitous services with personal mobile devices such as smart phones, tablet PCs, and laptops. With these mobile devices, the human users may wish to exchange sensitive data with others (e.g., their friends or their colleagues) over a secure channel. Public key cr...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Personal and ubiquitous computing 2013-06, Vol.17 (5), p.933-943
Hauptverfasser: Kang, Sukin, Kim, Jonguk, Hong, Manpyo
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Current mobile technology gives us ubiquitous services with personal mobile devices such as smart phones, tablet PCs, and laptops. With these mobile devices, the human users may wish to exchange sensitive data with others (e.g., their friends or their colleagues) over a secure channel. Public key cryptography is a good solution for establishing this secure channel. However, it is vulnerable to man-in-the-middle attack, if the entities have no shared information. A number of techniques based on human-assisted out-of-band channels have been proposed to solve this problem. Unfortunately, these works have a common shortcoming: The human users must be colocated in close proximity. In this paper, we focus on how to construct a distance - free channel , which is not location - limited for establishing a secure channel between two users (devices). The proposed distance-free channel provides identification and authentication of the devices at the different locations using taken pictures or pre-stored images. The human user participates in the authentication process by sending and verifying an image. We describe the prototype implementation operated on a smart phone and show the experimental results when actually two smart phones share a common key using Diffie–Hellman key agreement over the proposed distance-free channel.
ISSN:1617-4909
1617-4917
DOI:10.1007/s00779-012-0531-4