%0 Journal Article %1 noauthororeditor %A Kalra, Sheetal %D 2016 %J Advances in Engineering: an International Journal (ADEIJ) %K Algorithm Authentication CAPTCHA Curve Digital Elliptic Phone Signature Smart User cryptography curve %N 2 %P 11 - 27 %T A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Curve Cryptography %U http://airccse.com/adeij/papers/1216adeij02.pdf %V 1 %X Today, a large number of people access internet through their smart phones to login to their bank accounts, social networking accounts and various other blogs. In such a scenario, user authentication has emerged as a major security issue in mobile internet. To date, password based authentication schemes have been extensively used to provide authentication and security. The password based authentication has always been cumbersome for the users because human memory is transient and remembering a large number of long and complicated passwords is impossible. Also, it is vulnerable to various kinds of attacks like brute force, rainbow table, dictionary, sniffing, shoulder surfing and so on. As the main contribution of this paper, a new passwordless authentication scheme for smart phones is presented which not only resolves all the weaknesses of password based schemes but also provide robust security. The proposed scheme relieves users from memorizing and storing long and complicated passwords. The proposed scheme uses ECDSA which is based on Elliptic Curve Cryptography (ECC). ECC has remarkable strength and efficiency advantages in terms of bandwidth, key sizes and computational overheads over other public key cryptosystems. It is therefore suitable for resource constraint devices like smart phone. Furthermore, the proposed scheme incorporate CAPTCHA which play a very important role in protecting the web resources from spamming and other malicious activities. To the best of our knowledge, until now no passwordless user authentication protocol based on ECC has been proposed for smart phones. Finally, the security and functionality analysis shows that compared with existing password based authentication schemes, the proposed scheme is more secure and efficient.

@article{noauthororeditor, abstract = {Today, a large number of people access internet through their smart phones to login to their bank accounts, social networking accounts and various other blogs. In such a scenario, user authentication has emerged as a major security issue in mobile internet. To date, password based authentication schemes have been extensively used to provide authentication and security. The password based authentication has always been cumbersome for the users because human memory is transient and remembering a large number of long and complicated passwords is impossible. Also, it is vulnerable to various kinds of attacks like brute force, rainbow table, dictionary, sniffing, shoulder surfing and so on. As the main contribution of this paper, a new passwordless authentication scheme for smart phones is presented which not only resolves all the weaknesses of password based schemes but also provide robust security. The proposed scheme relieves users from memorizing and storing long and complicated passwords. The proposed scheme uses ECDSA which is based on Elliptic Curve Cryptography (ECC). ECC has remarkable strength and efficiency advantages in terms of bandwidth, key sizes and computational overheads over other public key cryptosystems. It is therefore suitable for resource constraint devices like smart phone. Furthermore, the proposed scheme incorporate CAPTCHA which play a very important role in protecting the web resources from spamming and other malicious activities. To the best of our knowledge, until now no passwordless user authentication protocol based on ECC has been proposed for smart phones. Finally, the security and functionality analysis shows that compared with existing password based authentication schemes, the proposed scheme is more secure and efficient. }, added-at = {2017-09-18T07:20:23.000+0200}, author = {Kalra, Sheetal}, biburl = {https://www.bibsonomy.org/bibtex/267b5a777fc4c327ba20efe307f3f5d21/adeij_journal}, interhash = {912c894892957ebdaa15d429d610747b}, intrahash = {67b5a777fc4c327ba20efe307f3f5d21}, journal = {Advances in Engineering: an International Journal (ADEIJ)}, keywords = {Algorithm Authentication CAPTCHA Curve Digital Elliptic Phone Signature Smart User cryptography curve}, language = {English}, number = 2, pages = {11 - 27}, timestamp = {2017-09-18T07:20:23.000+0200}, title = {A Novel Passwordless Authentication Scheme for Smart Phones Using Elliptic Curve Cryptography }, url = {http://airccse.com/adeij/papers/1216adeij02.pdf}, volume = 1, year = 2016 }