Mobile authentication secure against Man-In-The-Middle attacks

Kemal Bicakci, Devrim Unal, Nadir Ascioglu*, Oktay Adalier

*Corresponding author for this work

Research output: Contribution to journalConference articlepeer-review

11 Citations (Scopus)

Abstract

Current mobile authentication solutions put a cognitive burden on users to detect and avoid Man-In-The-Middle attacks. In this paper, we present a mobile authentication protocol named Mobile-ID which prevents Man-In-The-Middle attacks without relying on a human in the loop. With Mobile-ID, the message signed by the secure element on the mobile device incorporates the context information of the connected service provider. Hence, upon receiving the signed message the Mobile-ID server could easily identify the existence of an on-going attack and notify the genuine service provider.

Original languageEnglish
Pages (from-to)323-329
Number of pages7
JournalProcedia Computer Science
Volume34
DOIs
Publication statusPublished - 2014
Externally publishedYes
Event9th International Conference on Future Networks and Communications, FNC 2014 and the 11th International Conference on Mobile Systems and Pervasive Computing, MobiSPC 2014 - Niagara Falls, ON, Canada
Duration: 17 Aug 201420 Aug 2014

Keywords

  • Authentication
  • Man-In-The-Middle attack
  • Mobile signature
  • Phishing
  • Secure element
  • Security protocol

Fingerprint

Dive into the research topics of 'Mobile authentication secure against Man-In-The-Middle attacks'. Together they form a unique fingerprint.

Cite this