An Anonymous and Lightweight Authentication Scheme for Mobile Devices

Abstract

In this paper, we present a lightweight authentication scheme designed to enable mobile devices to achieve robust client-anonymity and computation efficiency. Instead of the heavy encryption and decryption modules of Elliptic Curve Cryptography (ECC), we adopt the key agreement operation of ECC as the core technique in the proposed anonymous authentication scheme. This eliminates significant computation cost and thus does not exceed the inherent resource-limitations on mobile devices. Security analyses are conducted to guarantee the robustness of the proposed authentication scheme. Moreover, when we implement our proposed scheme, the demo-system we have named AuthDroid, into the Android system, the implementation results demonstrate a practical execution time, e.g. 149.7 microseconds, on an Android-based smartphone, i.e. HTC ONE X, to complete the whole authentication procedure of AuthDroid.

DOI: http://dx.doi.org/10.5755/j01.itc.44.2.8335