DSWISS LTD INIT INSTITUTE OF APPLIED INFORMATION TECHNOLOGY JUNE 2010 V1.0
With the increasing desire of private individuals to access their confidential data even from their mobile devices, the need for strong security controls for such applications arises, in the same way as it did years ago in the area of web applications. This paper covers one of the most important parts thereof: the login process that allows an application on a mobile device to access data from a server using two-factor authentication.
An increasing number of internet-based end-customer applications require two-factor authentication. Text message (SMS) based one-time code distribution (as the second factor) is rapidly becoming the most popular choice when strong authentication is needed, for example in e-banking. Low acquisition, distribution and help-desk costs are the main drivers for these so-called mTAN [1] based authentication methods. All of these properties are particularly important for applications that serve large numbers of users, possibly on a global scale. With multi-factor authentication, each token available for authenticating the user falls into one of the following three categories:
• Something the user knows (e.g. a password)
• Something the user has (e.g. a hardware token)
• Something the user is (e.g. a fingerprint)
mTAN-based strong authentication makes use of the two categories “something the user knows” (password) and “something the user has” (mobile device). During authentication, the user has to provide the password as well as a one-time secret received by SMS on his mobile phone. Proof of possession of the mobile phone (given by entering the received SMS code) is used as the second login factor.

With the increased capabilities of mobile devices, there has been a trend towards accessing web services [2] over the mobile channel [3] as well. Much like a regular web user, a user who accesses the service via a mobile application must be authenticated with a mechanism that provides the required strength against the identified, relevant threats. However, simply transferring the mTAN approach to mobile app development does not work well, mainly because it would be cumbersome or even impossible to use on the mobile device, as it requires the user to switch between applications [4]. As a result, we have to come up with an authentication scheme that is better suited for mobile apps and that provides security comparable to the two-factor authentication mechanism described above.

In this paper, we propose a strong and practical two-factor authentication scheme for smart phones that does not negatively affect the user’s experience or usability and that provides security comparable to “classic” two-factor authentication schemes.
[1] mobile Transaction Authentication Number
[2] Including those implementing two-factor authentication
[3] E.g. as an iPhone app
[4] Mobile app and SMS inbox
mTAN is based on a simple principle: once a user has securely proven possession of his mobile phone [5], it can be used as the second login factor. While mTAN uses a unique SMS code that is generated on the server and received during each login attempt, our approach makes use of the “principle of key continuity” (also called the “Baby Duck / Duckling” model) to negotiate a token that is used as the second login factor. This model has already been successfully implemented in protocols such as SSH and in products such as Phil Zimmermann’s Zfone. The idea behind this approach is that if we can securely authenticate one session (usually the first one) and derive a shared secret, this secret can be re-used to authenticate later sessions, i.e. each secret S_n [6] directly depends on the previous secret S_{n-1}. Assuming the shared secret S_{n-1} can be stored securely on the mobile device, the second login factor (i.e. the next shared secret, S_n) can only be...
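As an added illustration (not the paper's own protocol, whose details the page does not give), the following constructed Python model shows the key-continuity principle described above: the first session is authenticated with password plus SMS code and both sides seed S_0, and every later login proves possession of S_{n-1} with a challenge-response before both sides advance to S_n. The HMAC-based derivation, the message labels and all names are assumptions made for this example.

```python
import hashlib
import hmac
import secrets

def derive_next(prev: bytes, server_nonce: bytes, client_nonce: bytes) -> bytes:
    # S_n depends directly on S_{n-1} and both nonces (constructed KDF; a real design would use HKDF)
    return hmac.new(prev, b"next|" + server_nonce + client_nonce, hashlib.sha256).digest()

def proof_of_possession(secret: bytes, server_nonce: bytes, client_nonce: bytes) -> bytes:
    # Challenge-response: proves the device holds S_{n-1} without ever transmitting it
    return hmac.new(secret, b"proof|" + server_nonce + client_nonce, hashlib.sha256).digest()

class Server:
    def __init__(self):
        self.current = {}  # user -> secret S_{n-1} expected at the next login

    def enroll(self, user: str, password_ok: bool, sms_code_ok: bool):
        # The first session is authenticated the classic mTAN way, then S_0 is seeded
        if not (password_ok and sms_code_ok):
            return None
        self.current[user] = secrets.token_bytes(32)
        return self.current[user]

    def login(self, user, password_ok, server_nonce, client_nonce, proof) -> bool:
        prev = self.current.get(user)
        if prev is None or not password_ok:
            return False
        if not hmac.compare_digest(proof_of_possession(prev, server_nonce, client_nonce), proof):
            return False
        self.current[user] = derive_next(prev, server_nonce, client_nonce)  # advance to S_n
        return True

def run_login(server: Server, device: dict, password_ok: bool = True) -> bool:
    # One login round trip; device is {"user", "secret"} with the secret in protected storage
    server_nonce, client_nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    proof = proof_of_possession(device["secret"], server_nonce, client_nonce)
    ok = server.login(device["user"], password_ok, server_nonce, client_nonce, proof)
    if ok:  # both sides advance only once the server has accepted the proof
        device["secret"] = derive_next(device["secret"], server_nonce, client_nonce)
    return ok

def demo() -> dict:
    # Constructed scenario: a copy of S_0 taken before later logins is stale afterwards
    server = Server()
    s0 = server.enroll("alice", password_ok=True, sms_code_ok=True)
    phone, stale_copy = {"user": "alice", "secret": s0}, {"user": "alice", "secret": s0}
    return {"first": run_login(server, phone), "second": run_login(server, phone),
            "wrong_password": run_login(server, phone, password_ok=False),
            "stale_copy": run_login(server, stale_copy), "still_in_sync": run_login(server, phone)}
```

Because a failed attempt advances neither side, the legitimate device stays in sync after the rejected login, while a secret captured at an earlier point in the chain no longer matches what the server expects.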