A Novel User Authentication Scheme Based on ... - Semantic Scholar
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
937
A Novel User Authentication Scheme Based on QR-Code Kuan-Chieh Liao Department of Accounting & Information Systems, ASIA University, Taichung, Taiwan, R.O.C. Email: [email protected]
Wei-Hsun Lee Department of Information Science and Applications, ASIA University, Taichung, Taiwan, R.O.C. Email: [email protected]
Abstract—User authentication is one of the fundamental procedures to ensure secure communications and share system resources over an insecure public network channel. Thus, a simple and efficient authentication mechanism is required for securing the network system in the real environment. In general, the password-based authentication mechanism provides the basic capability to prevent unauthorized access. Especially, the purpose of the one-time password is to make it more difficult to gain unauthorized access to restricted resources. Instead of using the password file as conventional authentication systems, many researchers have devoted to implement various one-time password schemes using smart cards, time-synchronized token or short message service in order to reduce the risk of tampering and maintenance cost. However, these schemes are impractical because of the far from ubiquitous hardware devices or the infrastructure requirements. To remedy these weaknesses, the attraction of the QR-code technique can be introduced into our one-time password authentication protocol. Not the same as before, the proposed scheme based on QR code not only eliminates the usage of the password verification table, but also is a cost effective solution since most internet users already have mobile phones. For this reason, instead of carrying around a separate hardware token for each security domain, the superiority of handiness benefit from the mobile phone makes our approach more practical and convenient. Index Terms—one-time password; user authentication; QRcode; mobile phone
I. INTRODUCTION With the rapid development of computer network technologies, more and more computers connect together to exchange great information and share system resources. Security is then an important issue for computer networks. To prevent the information from being accessed by illegitimate or unauthorized users, remote authentication of users is certainly one of the most important services. User authentication is the essential security mechanism Manuscript received May 20, 2009; revised November 30, 2009. The associate editor coordinating the review of this paper and approving it for publication was Dr. Hsing-Chung Chen.
© 2010 ACADEMY PUBLISHER doi:10.4304/jnw.5.8.937-941
to establish the trust relationship under open network environments. Password-based authentication scheme is the most common method to check the validity of the login message and authenticate the user. One-time password is a password that is only valid for a single login session or transaction. The one-time password avoids various shortcomings associated with traditional static password, such as replay attack, dictionary attack, and phishing attack. This means that, if a potential intruder manages to record a one-time password that was already used to log into a service or to conduct a transaction; he will not be able to abuse it since it will be no longer valid. Therefore, the purpose of the one-time password is to make it more difficult to gain unauthorized access to restricted resources. On the hand, one-time password schemes cannot be memorized by human beings. For this reason, they require additional technology in order to work. Basically one-time password schemes can be classified into the following four categories: A.
Based on the mathematical algorithm In 1981, Lamport [8] first proposed the one-time password authentication scheme by using the one-way hash chain. However, if an indefinite series of passwords is wanted, a new seed value need to be chosen after the set of old hash chain is exhausted. Especially, maintaining a password file to verify the user’s authentication request also increases the risk of tampering and maintenance cost. For this reason, many researchers [1][3][4][11][16][18] have proposed various user authentication schemes using smart card to improve the security, the cost or the efficiency. B.
Based on the smart card Due to the tamper-resistance and convenience in managing a password file, smart cards have been widely adopted in many remote authentication schemes [1][3][4][11][16][18]. However, carrying around the cards and the reader remains a burden to users. Since the card and the reader are far from ubiquitous, thus this
938
obstacle has restricted the application of smart card based authentication schemes. C.
Based on the time-sychronized token The time-synchronized one-time passwords are usually related to physical hardware tokens. Inside the token is an accurate clock that has been synchronized with the clock on the authentication server. Recently, it has become possible to take the electronic components associated with regular key fob one-time password tokens such as those from InCard [6], RSA [15], SafeNet [9], and Vasco [17]. However, for the same reason as the smart card based schemes, these approaches are also inconvenient because of the cost of one-time password hardware and the infrastructure requirements. D.
Based on the Short Message Service (SMS) Since SMS is a ubiquitous communication channel and being available in all handsets. However, SMS is a best effort delivery, which means that the phone company will try to deliver it, but they will not guarantee it will get there, or if it does how long it will take. It should be noted that one-time passwords should have a time to live as a security feature. Moreover, the SMS based scheme till incurs extra charges. Thus, it is impractical and is not necessarily a low total cost solution. These above-mentioned obstacles have obviously restricted the practicability of the one-time password authentication schemes. Therefore, it is very interest to devise a solution which can overcome these drawbacks. Due to the rapid advances in mobile communication technologies, QR-code [7] in the embedded camera devices has been used as new input interfaces. The mobile phones with embedded camera can capture the QR-codes and decode them with software running on the phone [2]. Meanwhile, there are many advantages to use the QR-code in mobile phones such as omni-direction readability and error correction capability. For this reason, mobile phones adopt the QR-code to support many services nowadays such as booking tickets, paying a fee and URL reading [10][13][19]. So an interesting approach proposed in this paper is adopting the widely used QR-code technique to support the one-time password system, since the QR-code applications with mobile phones can derive the benefits inherited from QR-code, such as the large capacity, the small printout size, the high speed scan, the damage resistance and the data robustness. Besides, various properties, such as mobility and handiness, benefit from the mobile device make our approach more practical. Thus, our approach could be more convenient since the users would not need to carry around a separate hardware token for each security domain to which they require access. This paper is organized as follows. Section II gives the basic concept of the QR-code. In Section III, the proposed QR-code based one-time password authentication scheme is given. In Section IV, the © 2010 ACADEMY PUBLISHER
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
feasibility evaluation and security analysis are discussed. Finally, this paper concludes in Section V.
II. BASIC CONCEPT OF THE QR-CODE The QR-code [7] is a two-dimensional barcode introduced by the Japanese company Denso-Wave in 1994. It contains information in both vertical and horizontal directions, whereas a classical barcode has only one direction of data. Compared to classical barcode, a QR-code can hold a considerably greater volume of information: 7,089 characters for numeric only, 4,296 characters for alphanumeric data, 2,953 bytes of binary (8 bits). The “QR” is derived from “Quick Response”, as the creator intended the code to allow its contents to be decoded at high speed. In addition, QR-Code also has error correction capability. Data can be restored even when substantial parts of the code are distorted or damaged. Many cellular phones with embedded camera nowadays are natively equipped with the QR-code decoding software. With the aid of the equipment, it’s simply for a human to manually decode QR-codes and then displays, manipulates, or stores the information on their mobile devices. Figure 1 and Figure 2 illustrate the QR-code encoding and decoding diagrams respectively.
Figure 1. QR-code encoding diagram.
Figure 2. QR-code decoding diagrams.
QR-codes are part of daily life in Japan, Korea, Taiwan, Hong Kong, and China. Moreover, depending on the type of data recognized and the nature of the application, alternative actions can follow the decoding stage: a phone number can be automatically dialed, a short text message can be sent, a web page corresponding to the decoded URL can be displayed in a mobile browser, or a definite application can be executed. Thus, due to QR-codes now appear in magazines, advertisements, product wrappings,
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
939
T-shirts, passports, business cards and on subway billboards in Japan, most current Japanese mobile phones can read this code with their camera. However, at a consumer market level, QR-codes are virtually unknown outsides of Asia. [14] Fortunately, for camera phones that are not equipped with QR-code readers, QuickMark [12] and I-nigma [5] both provide free tools that are available for many manufactured models and devices to decode QR-Codes simply. Figure 3. Registration phase.
III. PROPOSED SCHEME The major concern of our scheme is to make use of the deployed widespread QR-code techniques in order to eliminate the drawbacks of the prior one-time password schemes. The convenient integration of the web-based application and the mobile devices’ usage makes our scheme more practical. The proposed scheme involves two parties: a service provider (SP for short) and remote users. Each authorized user can request service from SP with the granted access rights. In addition, each user hold a mobile phone with embedded camera, therefore he can take a picture of the QR-code image and then decode it. Our scheme is divided into two phases: Registration and Verification phases. The notation in TABLE I is employed throughout this paper. TABLE I.
NOTATION
Notation
Description
h(·)
An one-way hash function
B. Verification Phase The verification phase is shown as follows. Besides, the steps for verification phase are also shown in Figure 4. 1) User A sends IDA and T1 to SP, where T1 is the time stamp attached by the User A. 2) SP examines whether the time stamp T1 is correct. If it is invalid, then rejects it. Otherwise, he chooses a random number r, computes xA = h(IDA, s), and α = r ♁ xA,
and then sends EQR(α), h(r, T1, T2), and T2 to User A, where T2 is the time stamp attached by the SP. 3) User A examines whether the time stamp T2 is correct. If it is invalid, then rejects it. Otherwise, he derives r by computing r = DQR(EQR(α)) ♁ xA.
EQR(·)
A function that encodes data into QR-code image
DQR(·)
A function that decodes the QR-code image captured in an embedded camera device
s
SP’s long-term secret key
T1 , T2
Time stamps
(1)
and sends xA to User A’s mobile device via a secure channel. 3) User A’s mobile device stores xA as the long-term secret key.
Figure 4. Verification phase.
© 2010 ACADEMY PUBLISHER
(3)
with his embedded camera devices. After that, User A examines whether h(r, T1, T2) is correct. If holds, then User A sends h(r, T2, T3) and T3to SP. 4) SP examines whether the time stamp T3 is correct. If it is invalid, then rejects it. Otherwise, he checks whether h(r, T2, T3) is correct. If holds, then SP is convinced that User A is validated. Otherwise, the request is rejected.
A. Registration Phase Without loss of generality, assume that a User A with an embedded camera mobile device wants to join the system. Then, SP and User A carry out the following registration procedures. Besides, the steps for Registration phase are shown in Figure 3. 1) User A sends his identity IDA to SP. 2) SP computes xA = h(IDA, s)
(2)
940
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
IV. DISSCUSSIONS In the proposed QR-code based remote authentication model, instead of adopting the traditional smart card in our scheme, the user’s mobile phone takes the responsibility for capturing the QR-code image and decoding them. For this reason, the feasibility evaluation of the operations in the mobile phone is especially discussed in this section. Also, some possible attacks against the proposed scheme are taken into account. A. Feasibility Evaluation According to equation (3), it can be observed that the embedded camera mobile device only need to carry out a QR-code decoding operation and a logical operation, exclusive OR. Thus, it is obviously to see that the overall computational load is acceptable. On the other hand, from the view point of the user’s computer, instead of using an extra random number generator, the time stamps T1 and T3 are applied to strengthen the security of the one-time password r. Without the random number generator loading, it is consequently more efficient and suitable for the remote user. In addition, from the view point of the service provider, no extra cost is necessary to create and maintain the password table for storing each user’s long-term secret key. Accordingly, without maintaining a password file to verify the user’s authentication request can decrease the risk of tampering and maintenance cost successfully. Therefore, according to the foregoing discussions, it can be seen that the proposed authentication protocol based on QR-code is efficient and practical.
On the other hand, if an adversary intercepts the information being transmitted over the public channel, it is still infeasible to derive r from h(r, T1, T2) and h(r, T2, T3), because that the one-way hash function is unreversable. 4) Man-in-the-middle attack and replay attack Suppose that the intruder replays a legal request with time stamp T3 intercepted from the public channel and the SP receives the access request message at the time T3’. Since that T3’-T3 is not less than the legal time interval, the service provider will reject it. In addition, r is a random number chosen by SP from time to time. Thus, both the man-in-the-middle attack and the replay attack will fail.
V. CONCLUSION In the humanistic society today, the design for daily product or various systems must be designed under the consideration of human habits and convenience as well as daily product. The motivation of this paper is the first to propose a QR-code based one-time password authentication protocol, which not only eliminates the usage of the password verification table, but also is a cost effective solution since most internet users already have mobile phones. From the user’s vision, our approach could be more convenient, because the burden of carrying a separate hardware token or extra charges from the Short Message Service can be removed. Thus, the contribution is therefore obviously.
REFERENCES B. Security analyses 1) Security risk of the user’s mobile phone Since the mobile phone has the user’s long-term secret key, therefore, it needs to be well-protected. Fortunately, the mobile phones with embedded camera in our scheme only capture the QR-code and decode them with software running on the phone. Accordingly, the mobile device isn’t directly exposed to other malicious users. Thus, under this reasonable assumption, the risks generated by the mobile phone will be significantly reduced. 2) Security risk of the SP It is infeasible for an attacker to derive SP’s secret values s according equation (1), because that the one-way hash function is unreversable. On the other hand, the attack of impersonating CA will also fail, because he still cannot derive xA without the knowledge of s. 3) Security risk of the remote user According to equation (2) and (3), it can be observed that it is infeasible to obtain the valid user’s long-term secret key xA without the knowledge of the corresponding random number r.
© 2010 ACADEMY PUBLISHER
[1] H. Y. Chien, J. K. Jan, and Y. M. Tseng, “An efficient and practical solution to remote authentication: smart card,” Computers & Security, Vol. 21, No. 4, pp. 372– 375, 2002. [2] T. Falas, H. Kashani, “Two-Dimensional Bar-code Decoding with Camera-Equipped Mobile Phones,” Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops, 19-23, March, 2007, pp. 597-600. [3] H. C. Hsiang, W. K. Shih, “Weaknesses and improvements of the Yoon–Ryu–Yoo remote user authentication scheme using smart cards,” Computer Communications, Vol. 32, Issue 4, pp. 649-652, 2009. [4] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28–30, 2000. [5] I-Nigma: Retrieved November 2009 from: http://www.inigma.com/. [6] InCard DisplayCards: Retrieved November 2009 from: http://www.incard.com/products.html. [7] ISO/IEC 18004:2000. Information technology-Automatic identification and data capture techniques-Bar code Symbology-QR Code, 2000 [8] L. Lamport, “Password authentication with insecure communication,” Communications of ACM, Vol. 24, No. 11, pp. 770-772, 1981. [9] OTP Authenticators, “Retrieved November 2009 from: http://www.safenetinc.com/Products/Data_Protection/MultiFactor_Authentication/OTP_Authenticators.aspx.
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
[10] T. S. Parikh and E. D. Lazowska, “Designing an architecture for delivering mobile information services to the rural developing world,” Proceeding of the Seventh IEEE Workshop on Mobile Computing Systems and Applications, Washington DC, USA, April 2006, pp.31-33. [11] M. Peyravian and C. Jeffries, “Secure remote user access over insecure networks,” Computer Communications, Vol. 29, Issue 1, pp. 660-667, 2006. [12] Quickmark. Retrieved November 2009 from: http://www.quickmark.com.tw/. [13] J. Rekimoto and M. Saitoh, “Augmented Surfaces: A Spatially Continuous Work Space for Hybrid Computing Environments,” Proceedings of the ACM Conference on Human Factors in Computing Human Interaction, Pittsburgh, PA, 15-20 May, 1999, pp. 378-385. [14] J. Rouillard, “Contextual QR Code,” Proceedings of the Third International Multi-Conference on Computing in the Global Information Technology, Athens, Greece, July 27 – August 1, 2008, pp. 50-55. [15] RSA SecureID. Retrieved November 2009 from: http://www.rsa.com/node.aspx?id=1156. [16] H. M. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958-961, 2000. [17] VASCO. Retrieved November 2009 from: http://www.vasco.com/solutions/partners/novell.aspx. [18] J. Xu, W. T. Zhu, and D. G. Feng, “An improved smart card based password authentication scheme with provable security,” Computer Standards & Interfaces, Volume 31, Issue 4, pp. 723-728, , June 2009. [19] G. Yu, Z. Wang, Y. Li, and L. He, “An application and implementation of two-dimensional symbols for circuit board quality control system,” Proceedings of the 2nd IEEE International Conference on Industrial Informatics, Berlin, 26 June, 2004, pp.397-401.
© 2010 ACADEMY PUBLISHER
941
Kuan-Chieh Liao was born in Taichung, Taiwan on September 23, 1979. He received his B.S., M.S. and Ph.D. degrees in Department of Information Engineering & Computer Science from Feng Chia University, Taichung, Taiwan, in 2001, 2002 and 2007 respectively. Since August 2008, he has been with Accounting and Information Systems Department at Asia University, Taichung, Taiwan, as an Assistant Professor. His current research interests include cryptography, steganography, and network security.
Wei-Hsun Lee was born in Taipei, Taiwan on April 19, 1986. He received his B.S. degree from the Computer Science & Information Engineering, ASIA University, Taichung, Taiwan, in 2008. He is currently pursuing his M.S. degree in Department of Information Science and Applications, ASIA University. His current research interests include information security, cryptography, and electronic commerce.
937
A Novel User Authentication Scheme Based on QR-Code Kuan-Chieh Liao Department of Accounting & Information Systems, ASIA University, Taichung, Taiwan, R.O.C. Email: [email protected]
Wei-Hsun Lee Department of Information Science and Applications, ASIA University, Taichung, Taiwan, R.O.C. Email: [email protected]
Abstract—User authentication is one of the fundamental procedures to ensure secure communications and share system resources over an insecure public network channel. Thus, a simple and efficient authentication mechanism is required for securing the network system in the real environment. In general, the password-based authentication mechanism provides the basic capability to prevent unauthorized access. Especially, the purpose of the one-time password is to make it more difficult to gain unauthorized access to restricted resources. Instead of using the password file as conventional authentication systems, many researchers have devoted to implement various one-time password schemes using smart cards, time-synchronized token or short message service in order to reduce the risk of tampering and maintenance cost. However, these schemes are impractical because of the far from ubiquitous hardware devices or the infrastructure requirements. To remedy these weaknesses, the attraction of the QR-code technique can be introduced into our one-time password authentication protocol. Not the same as before, the proposed scheme based on QR code not only eliminates the usage of the password verification table, but also is a cost effective solution since most internet users already have mobile phones. For this reason, instead of carrying around a separate hardware token for each security domain, the superiority of handiness benefit from the mobile phone makes our approach more practical and convenient. Index Terms—one-time password; user authentication; QRcode; mobile phone
I. INTRODUCTION With the rapid development of computer network technologies, more and more computers connect together to exchange great information and share system resources. Security is then an important issue for computer networks. To prevent the information from being accessed by illegitimate or unauthorized users, remote authentication of users is certainly one of the most important services. User authentication is the essential security mechanism Manuscript received May 20, 2009; revised November 30, 2009. The associate editor coordinating the review of this paper and approving it for publication was Dr. Hsing-Chung Chen.
© 2010 ACADEMY PUBLISHER doi:10.4304/jnw.5.8.937-941
to establish the trust relationship under open network environments. Password-based authentication scheme is the most common method to check the validity of the login message and authenticate the user. One-time password is a password that is only valid for a single login session or transaction. The one-time password avoids various shortcomings associated with traditional static password, such as replay attack, dictionary attack, and phishing attack. This means that, if a potential intruder manages to record a one-time password that was already used to log into a service or to conduct a transaction; he will not be able to abuse it since it will be no longer valid. Therefore, the purpose of the one-time password is to make it more difficult to gain unauthorized access to restricted resources. On the hand, one-time password schemes cannot be memorized by human beings. For this reason, they require additional technology in order to work. Basically one-time password schemes can be classified into the following four categories: A.
Based on the mathematical algorithm In 1981, Lamport [8] first proposed the one-time password authentication scheme by using the one-way hash chain. However, if an indefinite series of passwords is wanted, a new seed value need to be chosen after the set of old hash chain is exhausted. Especially, maintaining a password file to verify the user’s authentication request also increases the risk of tampering and maintenance cost. For this reason, many researchers [1][3][4][11][16][18] have proposed various user authentication schemes using smart card to improve the security, the cost or the efficiency. B.
Based on the smart card Due to the tamper-resistance and convenience in managing a password file, smart cards have been widely adopted in many remote authentication schemes [1][3][4][11][16][18]. However, carrying around the cards and the reader remains a burden to users. Since the card and the reader are far from ubiquitous, thus this
938
obstacle has restricted the application of smart card based authentication schemes. C.
Based on the time-sychronized token The time-synchronized one-time passwords are usually related to physical hardware tokens. Inside the token is an accurate clock that has been synchronized with the clock on the authentication server. Recently, it has become possible to take the electronic components associated with regular key fob one-time password tokens such as those from InCard [6], RSA [15], SafeNet [9], and Vasco [17]. However, for the same reason as the smart card based schemes, these approaches are also inconvenient because of the cost of one-time password hardware and the infrastructure requirements. D.
Based on the Short Message Service (SMS) Since SMS is a ubiquitous communication channel and being available in all handsets. However, SMS is a best effort delivery, which means that the phone company will try to deliver it, but they will not guarantee it will get there, or if it does how long it will take. It should be noted that one-time passwords should have a time to live as a security feature. Moreover, the SMS based scheme till incurs extra charges. Thus, it is impractical and is not necessarily a low total cost solution. These above-mentioned obstacles have obviously restricted the practicability of the one-time password authentication schemes. Therefore, it is very interest to devise a solution which can overcome these drawbacks. Due to the rapid advances in mobile communication technologies, QR-code [7] in the embedded camera devices has been used as new input interfaces. The mobile phones with embedded camera can capture the QR-codes and decode them with software running on the phone [2]. Meanwhile, there are many advantages to use the QR-code in mobile phones such as omni-direction readability and error correction capability. For this reason, mobile phones adopt the QR-code to support many services nowadays such as booking tickets, paying a fee and URL reading [10][13][19]. So an interesting approach proposed in this paper is adopting the widely used QR-code technique to support the one-time password system, since the QR-code applications with mobile phones can derive the benefits inherited from QR-code, such as the large capacity, the small printout size, the high speed scan, the damage resistance and the data robustness. Besides, various properties, such as mobility and handiness, benefit from the mobile device make our approach more practical. Thus, our approach could be more convenient since the users would not need to carry around a separate hardware token for each security domain to which they require access. This paper is organized as follows. Section II gives the basic concept of the QR-code. In Section III, the proposed QR-code based one-time password authentication scheme is given. In Section IV, the © 2010 ACADEMY PUBLISHER
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
feasibility evaluation and security analysis are discussed. Finally, this paper concludes in Section V.
II. BASIC CONCEPT OF THE QR-CODE The QR-code [7] is a two-dimensional barcode introduced by the Japanese company Denso-Wave in 1994. It contains information in both vertical and horizontal directions, whereas a classical barcode has only one direction of data. Compared to classical barcode, a QR-code can hold a considerably greater volume of information: 7,089 characters for numeric only, 4,296 characters for alphanumeric data, 2,953 bytes of binary (8 bits). The “QR” is derived from “Quick Response”, as the creator intended the code to allow its contents to be decoded at high speed. In addition, QR-Code also has error correction capability. Data can be restored even when substantial parts of the code are distorted or damaged. Many cellular phones with embedded camera nowadays are natively equipped with the QR-code decoding software. With the aid of the equipment, it’s simply for a human to manually decode QR-codes and then displays, manipulates, or stores the information on their mobile devices. Figure 1 and Figure 2 illustrate the QR-code encoding and decoding diagrams respectively.
Figure 1. QR-code encoding diagram.
Figure 2. QR-code decoding diagrams.
QR-codes are part of daily life in Japan, Korea, Taiwan, Hong Kong, and China. Moreover, depending on the type of data recognized and the nature of the application, alternative actions can follow the decoding stage: a phone number can be automatically dialed, a short text message can be sent, a web page corresponding to the decoded URL can be displayed in a mobile browser, or a definite application can be executed. Thus, due to QR-codes now appear in magazines, advertisements, product wrappings,
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
939
T-shirts, passports, business cards and on subway billboards in Japan, most current Japanese mobile phones can read this code with their camera. However, at a consumer market level, QR-codes are virtually unknown outsides of Asia. [14] Fortunately, for camera phones that are not equipped with QR-code readers, QuickMark [12] and I-nigma [5] both provide free tools that are available for many manufactured models and devices to decode QR-Codes simply. Figure 3. Registration phase.
III. PROPOSED SCHEME The major concern of our scheme is to make use of the deployed widespread QR-code techniques in order to eliminate the drawbacks of the prior one-time password schemes. The convenient integration of the web-based application and the mobile devices’ usage makes our scheme more practical. The proposed scheme involves two parties: a service provider (SP for short) and remote users. Each authorized user can request service from SP with the granted access rights. In addition, each user hold a mobile phone with embedded camera, therefore he can take a picture of the QR-code image and then decode it. Our scheme is divided into two phases: Registration and Verification phases. The notation in TABLE I is employed throughout this paper. TABLE I.
NOTATION
Notation
Description
h(·)
An one-way hash function
B. Verification Phase The verification phase is shown as follows. Besides, the steps for verification phase are also shown in Figure 4. 1) User A sends IDA and T1 to SP, where T1 is the time stamp attached by the User A. 2) SP examines whether the time stamp T1 is correct. If it is invalid, then rejects it. Otherwise, he chooses a random number r, computes xA = h(IDA, s), and α = r ♁ xA,
and then sends EQR(α), h(r, T1, T2), and T2 to User A, where T2 is the time stamp attached by the SP. 3) User A examines whether the time stamp T2 is correct. If it is invalid, then rejects it. Otherwise, he derives r by computing r = DQR(EQR(α)) ♁ xA.
EQR(·)
A function that encodes data into QR-code image
DQR(·)
A function that decodes the QR-code image captured in an embedded camera device
s
SP’s long-term secret key
T1 , T2
Time stamps
(1)
and sends xA to User A’s mobile device via a secure channel. 3) User A’s mobile device stores xA as the long-term secret key.
Figure 4. Verification phase.
© 2010 ACADEMY PUBLISHER
(3)
with his embedded camera devices. After that, User A examines whether h(r, T1, T2) is correct. If holds, then User A sends h(r, T2, T3) and T3to SP. 4) SP examines whether the time stamp T3 is correct. If it is invalid, then rejects it. Otherwise, he checks whether h(r, T2, T3) is correct. If holds, then SP is convinced that User A is validated. Otherwise, the request is rejected.
A. Registration Phase Without loss of generality, assume that a User A with an embedded camera mobile device wants to join the system. Then, SP and User A carry out the following registration procedures. Besides, the steps for Registration phase are shown in Figure 3. 1) User A sends his identity IDA to SP. 2) SP computes xA = h(IDA, s)
(2)
940
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
IV. DISSCUSSIONS In the proposed QR-code based remote authentication model, instead of adopting the traditional smart card in our scheme, the user’s mobile phone takes the responsibility for capturing the QR-code image and decoding them. For this reason, the feasibility evaluation of the operations in the mobile phone is especially discussed in this section. Also, some possible attacks against the proposed scheme are taken into account. A. Feasibility Evaluation According to equation (3), it can be observed that the embedded camera mobile device only need to carry out a QR-code decoding operation and a logical operation, exclusive OR. Thus, it is obviously to see that the overall computational load is acceptable. On the other hand, from the view point of the user’s computer, instead of using an extra random number generator, the time stamps T1 and T3 are applied to strengthen the security of the one-time password r. Without the random number generator loading, it is consequently more efficient and suitable for the remote user. In addition, from the view point of the service provider, no extra cost is necessary to create and maintain the password table for storing each user’s long-term secret key. Accordingly, without maintaining a password file to verify the user’s authentication request can decrease the risk of tampering and maintenance cost successfully. Therefore, according to the foregoing discussions, it can be seen that the proposed authentication protocol based on QR-code is efficient and practical.
On the other hand, if an adversary intercepts the information being transmitted over the public channel, it is still infeasible to derive r from h(r, T1, T2) and h(r, T2, T3), because that the one-way hash function is unreversable. 4) Man-in-the-middle attack and replay attack Suppose that the intruder replays a legal request with time stamp T3 intercepted from the public channel and the SP receives the access request message at the time T3’. Since that T3’-T3 is not less than the legal time interval, the service provider will reject it. In addition, r is a random number chosen by SP from time to time. Thus, both the man-in-the-middle attack and the replay attack will fail.
V. CONCLUSION In the humanistic society today, the design for daily product or various systems must be designed under the consideration of human habits and convenience as well as daily product. The motivation of this paper is the first to propose a QR-code based one-time password authentication protocol, which not only eliminates the usage of the password verification table, but also is a cost effective solution since most internet users already have mobile phones. From the user’s vision, our approach could be more convenient, because the burden of carrying a separate hardware token or extra charges from the Short Message Service can be removed. Thus, the contribution is therefore obviously.
REFERENCES B. Security analyses 1) Security risk of the user’s mobile phone Since the mobile phone has the user’s long-term secret key, therefore, it needs to be well-protected. Fortunately, the mobile phones with embedded camera in our scheme only capture the QR-code and decode them with software running on the phone. Accordingly, the mobile device isn’t directly exposed to other malicious users. Thus, under this reasonable assumption, the risks generated by the mobile phone will be significantly reduced. 2) Security risk of the SP It is infeasible for an attacker to derive SP’s secret values s according equation (1), because that the one-way hash function is unreversable. On the other hand, the attack of impersonating CA will also fail, because he still cannot derive xA without the knowledge of s. 3) Security risk of the remote user According to equation (2) and (3), it can be observed that it is infeasible to obtain the valid user’s long-term secret key xA without the knowledge of the corresponding random number r.
© 2010 ACADEMY PUBLISHER
[1] H. Y. Chien, J. K. Jan, and Y. M. Tseng, “An efficient and practical solution to remote authentication: smart card,” Computers & Security, Vol. 21, No. 4, pp. 372– 375, 2002. [2] T. Falas, H. Kashani, “Two-Dimensional Bar-code Decoding with Camera-Equipped Mobile Phones,” Proceedings of the Fifth Annual IEEE International Conference on Pervasive Computing and Communications Workshops, 19-23, March, 2007, pp. 597-600. [3] H. C. Hsiang, W. K. Shih, “Weaknesses and improvements of the Yoon–Ryu–Yoo remote user authentication scheme using smart cards,” Computer Communications, Vol. 32, Issue 4, pp. 649-652, 2009. [4] M. S. Hwang and L. H. Li, “A new remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 1, pp. 28–30, 2000. [5] I-Nigma: Retrieved November 2009 from: http://www.inigma.com/. [6] InCard DisplayCards: Retrieved November 2009 from: http://www.incard.com/products.html. [7] ISO/IEC 18004:2000. Information technology-Automatic identification and data capture techniques-Bar code Symbology-QR Code, 2000 [8] L. Lamport, “Password authentication with insecure communication,” Communications of ACM, Vol. 24, No. 11, pp. 770-772, 1981. [9] OTP Authenticators, “Retrieved November 2009 from: http://www.safenetinc.com/Products/Data_Protection/MultiFactor_Authentication/OTP_Authenticators.aspx.
JOURNAL OF NETWORKS, VOL. 5, NO. 8, AUGUST 2010
[10] T. S. Parikh and E. D. Lazowska, “Designing an architecture for delivering mobile information services to the rural developing world,” Proceeding of the Seventh IEEE Workshop on Mobile Computing Systems and Applications, Washington DC, USA, April 2006, pp.31-33. [11] M. Peyravian and C. Jeffries, “Secure remote user access over insecure networks,” Computer Communications, Vol. 29, Issue 1, pp. 660-667, 2006. [12] Quickmark. Retrieved November 2009 from: http://www.quickmark.com.tw/. [13] J. Rekimoto and M. Saitoh, “Augmented Surfaces: A Spatially Continuous Work Space for Hybrid Computing Environments,” Proceedings of the ACM Conference on Human Factors in Computing Human Interaction, Pittsburgh, PA, 15-20 May, 1999, pp. 378-385. [14] J. Rouillard, “Contextual QR Code,” Proceedings of the Third International Multi-Conference on Computing in the Global Information Technology, Athens, Greece, July 27 – August 1, 2008, pp. 50-55. [15] RSA SecureID. Retrieved November 2009 from: http://www.rsa.com/node.aspx?id=1156. [16] H. M. Sun, “An efficient remote user authentication scheme using smart cards,” IEEE Transactions on Consumer Electronics, Vol. 46, No. 4, pp. 958-961, 2000. [17] VASCO. Retrieved November 2009 from: http://www.vasco.com/solutions/partners/novell.aspx. [18] J. Xu, W. T. Zhu, and D. G. Feng, “An improved smart card based password authentication scheme with provable security,” Computer Standards & Interfaces, Volume 31, Issue 4, pp. 723-728, , June 2009. [19] G. Yu, Z. Wang, Y. Li, and L. He, “An application and implementation of two-dimensional symbols for circuit board quality control system,” Proceedings of the 2nd IEEE International Conference on Industrial Informatics, Berlin, 26 June, 2004, pp.397-401.
© 2010 ACADEMY PUBLISHER
941
Kuan-Chieh Liao was born in Taichung, Taiwan on September 23, 1979. He received his B.S., M.S. and Ph.D. degrees in Department of Information Engineering & Computer Science from Feng Chia University, Taichung, Taiwan, in 2001, 2002 and 2007 respectively. Since August 2008, he has been with Accounting and Information Systems Department at Asia University, Taichung, Taiwan, as an Assistant Professor. His current research interests include cryptography, steganography, and network security.
Wei-Hsun Lee was born in Taipei, Taiwan on April 19, 1986. He received his B.S. degree from the Computer Science & Information Engineering, ASIA University, Taichung, Taiwan, in 2008. He is currently pursuing his M.S. degree in Department of Information Science and Applications, ASIA University. His current research interests include information security, cryptography, and electronic commerce.
