A strong user authentication protocol for GSM

Traditionally, the authentication protocols for cellular phone networks have been designed for device authentication rather than user authentication, which brings certain limitations and restrictions on the functionality of the system. In this paper we propose a user authentication protocol for the Global Standards for Mobile (GSM) which permits the use of weak secrets (e.g. passwords or PINs) for authentication, providing new flexibilities for the GSM users. © 2005 IEEE

Guap-A strong user authentication protocol for GSM

Cataloged from PDF version of article.Traditionally, the authentication protocols for cellular phone networks have been designed for device authentication rather than user authentication, which brings limitations and restrictions on the functionality of the system. In this thesis we propose a user authentication protocol for GSM (Global System for Mobile) based cellular phone networks. Our protocol permits the use of weak secrets (e.g. passwords or PINs) for authentication and provides certain flexibilities for GSM users. The simulation results on currently established user authentication protocols and GUAP are presented. Our proposal also has a capture resilience extension to disable captured cellular phones securely.Aydemir, ÖzerM.S

Mobile distributed authentication protocol

Networks access control is a crucial topic and authentication is a pre-requisite of that process. Most existing authentication protocols (for example that used in the GSM mobile network) are centralised. Depending on a single entity is undesirable as it has security, trust and availability issues. This paper proposes a new protocol, GSM-secure network access protocol (G-SNAP). In G-SNAP, the authentication procedure and network access control is handled by a quorum of authentication centres. The advantages of the novel protocol include increased security, availability and distributed trust

A Secure Mobile-based Authentication System

Financial information is extremely sensitive. Hence, electronic banking must provide a robust system to authenticate its customers and let them access their data remotely. On the other hand, such system must be usable, affordable, and portable.We propose a challengeresponse based one-time password (OTP) scheme that uses symmetric cryptography in combination with a hardware security module. The proposed protocol safeguards passwords from keyloggers and phishing attacks. Besides, this solution provides convenient mobility for users who want to bank online anytime and anywhere, not just from their own trusted computers.La informació financera és extremadament sensible. Per tant, la banca electrònica ha de proporcionar un sistema robust per autenticar als seus clients i fer-los accedir a les dades de forma remota. D'altra banda, aquest sistema ha de ser usable, accessible, i portàtil. Es proposa una resposta al desafiament basat en una contrasenya única (OTP), esquema que utilitza la criptografia simètrica en combinació amb un mòdul de maquinari de seguretat. Amés, aquesta solució ofereix mobilitat convenient per als usuaris que volen bancària en línia en qualsevol moment i en qualsevol lloc, no només des dels seus propis equips de confiança.La información financiera es extremadamente sensible. Por lo tanto, la banca electrónica debe proporcionar un sistema robusto para autenticar a sus clientes y hacerles acceder a sus datos de forma remota. Por otra parte, dicho sistema debe ser usable, accesible, y portátil. Se propone una respuesta al desafío basado en una contraseña única (OTP), esquema que utiliza la criptografía simétrica en combinación con un módulo hardware de seguridad hardware. Además, esta solución ofrece una movilidad conveniente para los usuarios que quieren la entidad bancaria en línea en cualquier momento y en cualquier lugar, no sólo des de sus propios equipos de confianza