SECURE KEY AGREEMENT AND KEY PROTECTION FOR MOBIL DEVICE USER AUTHENTICATIONSecure Key Agreement and Key Protection for Mobile Device User Authentication • July 20th, 2024
Contract Type FiledJuly 20th, 2024As mobile devices ownership becomes more prevalent (e.g. a user owns multiple mobile devices), the capability to offer secure and user-friendly authentication becomes increasingly important. While a large number of identity-based user authentication mechanisms for wireless mobile environment have been proposed. However, they are not generally designed for situations where a user’s private key and some other sensitive data can be exposed if his/her mobile device is remotely or physically controlled by an attacker. Threshold secret sharing is one of the solutions to this problem, but it is limited in the requirement that there should exist an honest third-party to hold the complete key after secret reconstruction process. Therefore, in this paper, we consider the special case that only two devices (i.e. no honest party) at the user’s side jointly perform user authentication with a server, and neither device can successfully complete the authentication process alone. Moreover, the key rec