Evaluation of Encryption Procedure for User Attestation System Using a Cellular Phone

Evaluation of Encryption Procedure for User Attestation System Using a Cellular Phone

Noriyasu Yamamoto (Fukuoka Institute of Technology, Japan) and Toshihiko Wakahara (Fukuoka Institute of Technology, Japan)
Copyright: © 2012 |Pages: 12
DOI: 10.4018/jdst.2012070102
OnDemand PDF Download:
$30.00
List Price: $37.50

Abstract

To provide a low-cost and simple user attestation method, the authors previously proposed a method with strong authentication using the digital camera of a cellular phone. This method used 2D color code, and as such, there are some process costs like create and decode 2D color code. In this paper, the authors present an improved attestation system using a cellular phone and 2D color code. They compare the performance of the encryption methods and the efficiency of the proposed attestation method, which is confirmed using an experimental prototype system.
Article Preview

Introduction

With the explosive growth of the Internet, many web sites, such as shopping sites and online banking sites have been globally setup and managed by Web 2.0 technology. In the network-based services and systems, a user attestation system is needed for identifying the right user. As the user attestation system, a popular reusable password method which was used in the early days of the Internet is still widely used despite the danger (Figure 1). This is because the reusable password method is simple and cost-effective.

Figure 1.

A usable password scheme

However, this reusable password method is vulnerable to be used as a user attestation mechanism. With the increase of number of sites and services that require authentication, this system has many problems. Because it is managed by many one-password users, this system can be easy accessed by intrusion or improper password management.

In order to deal with these problems, we propose a new simple user attestation system using 2-Dimensional (2D) color code. The prototype system using the Quick Response (QR) code and cellular phone was implemented and the validity of the system was confirmed by experiments (Yamamoto & Wakahara, 2009). The system is easily realized by simply adding a few lines in the server program and utilizing the cellular phone equipped with QR code reading function. But still remain some problems such as steal monitoring of the network and spy a cellular phone screen.

In another previous work, we proposed a new low cost and simple attestation system using 2D color code which solves the above vulnerability of reusable password and steal monitoring (Yamamoto & Wakahara, 2010). The efficiency of the system was confirmed by the experiments. But, there are still some problems such as process costs for 2D color code (Yamamoto & Wakahara, 2011).

In this paper, we propose an improved attestation system using 2D color code, which solves the process costs for 2D color code.

The paper structure is as follows. In the next section, we introduce the first user attestation system using a cellular phone. Then, we show some problems such as process time for 2D color code. After that, in order to deal with these problems, we present a new user attestation procedure. Then, we discuss system evaluation. Finally, conclusions are given.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing