Token Based Authentication using Mobile Phone
Parekh Tanvi SIMS, Indore email@example.com Gawshinde Sonal SSSIST, Indore firstname.lastname@example.org Sharma Mayank Kumar IET-DAVV, Indore leomayank @yahoo.com
Abstract: Digital identity is the key representation of user and getting most crucial subject for information security. The password based authentication is weak solution and no longer adequate. User select static password which is easy to guess and remember, relevant information or common for all authentication process. This simplicity makes weak authentication scheme; as so far, static passwords are known as easiest target for attackers. Further, Security Token based runtime interaction could extend the strength of authentication control. Security tokens can be used for strong authentication but inconvenient for user and costly for the service providers. To avoid the user inconvenient and extra cost mobile phone is an emerging alternative. These papers comprise the study of various digital identification schemes and give motivation to integrate mobile token. In order to establish standard for mobile token, work starts with the review of current schemes and explores the security architecture for strong authentication with mobile token. Password algorithm is derived to generate dynamic password for token authentication. Thereafter explore various authentication mechanisms to implement mobile token on different prospective. At the end, it describes the various test cases and evolutionary result of various attacks on suggested schemes.
could be great solution. These solutions make cheaper and flexible strong authentication for user as well as for the service provider and reduces worry of carrying extra hardware for identification only. In this paper we have used mobile phone as security token and proposed an authentication model for strong digital identification. To increase randomness paper demonstrates a Password algorithm to calculate dynamic password for digital identification. Paper also includes various mechanisms to implement mobile token. Work reveals that, the system consists a sms gateway or GSM modem to send dynamic password via SMS and verify to check digital identification. II. BACKGROUND The concept of security is not only important but mandatory to the success of digital solution. There is no clear definition for strong authentication. Strong authentication is an approach to extend security level and try to achieve security requirement.  Security is not only meant for buying, exchanging or selling products or services but also important to maintain decency of information and system. It is also important to establish network and communication between PCs, servers, application and mobiles phones. Identification and authorization is the key requirement of security. Currently, solutions rely on “static password” to establish trust and verify user authenticity.  User chooses password, which is easy to guess and remember, relevant information or common for all authentication process. Sometime user derive password from what they have in there mind. Strong password (i.e. @my$sit13*) is tiresome to remember and demands hard time to handle it. People like to store passwords into diary or take common password for all; these are susceptible for password leek. Weak authentication scheme may cause to exploit access level vulnerability and liable for information leek. Furthermore, Attack methods are generally unique to the targeted application or system, and common techniques can be used. Attacker have multiple option to steel passwords like spoofing, surfing, eavesdropping, brute forcing , predicting, profile study and many more. These study conclude that, work demand an interactive security process which should be variant in each identification. Token based authentication is the mechanism, which requires hardware...