• 主题
高级搜索  >
历史搜索 清空历史
首页> 外文会议>2017 15th International Conference on Quality in Research : International Symposium on Electrical and Computer Engineering >S-Mbank: Secure mobile banking authentication scheme using signcryption, pair based text authentication, and contactless smart card
【24h】

S-Mbank: Secure mobile banking authentication scheme using signcryption, pair based text authentication, and contactless smart card

机译:S-Mbank:使用签密,基于配对的文本身份验证和非接触式智能卡的安全移动银行身份验证方案

获取原文
获取原文并翻译 | 示例
页面导航
  • 摘要
  • 著录项
  • 相似文献
  • 相关主题

摘要

Nowadays, mobile banking becomes a popular tool which consumers can conduct financial transactions such as shopping, monitoring accounts balance, transferring funds and other payments. Consumers dependency on mobile needs, make people take a little bit more interest in mobile banking. The use of the one-time password which is sent to the user mobile phone by short message service (SMS) is a vulnerability which we want to solve with proposing a new scheme called S-Mbank. We replace the authentication using the one-time password with the contactless smart card to prevent attackers to use the unencrypted message which is sent to the user's mobile phone. Moreover, it deals vulnerability of spoofer to send an SMS pretending as a bank's server. The contactless smart card is proposed because of its flexibility and security which easier to bring in our wallet than the common passcode generators. The replacement of SMS-based authentication with contactless smart card removes the vulnerability of unauthorized users to act as a legitimate user to exploit the mobile banking user's account. Besides that, we use public-private key pair and PIN to provide two factors authentication and mutual authentication. We use signcryption scheme to provide the efficiency of the computation. Pair based text authentication is also proposed for the login process as a solution to shoulder-surfing attack. We use Scyther tool to analyze the security of authentication protocol in S-Mbank scheme. From the proposed scheme, we are able to provide more security protection for mobile banking service.
机译:如今,移动银行已成为一种流行的工具,消费者可以进行金融交易,例如购物,监控帐户余额,转移资金和其他付款。消费者对移动需求的依赖,使人们对移动银行有了更多的兴趣。通过短信服务(SMS)发送给用户手机的一次性密码的使用是我们希望通过提出一种称为S-Mbank的新方案来解决的漏洞。我们将一次性密码替换为非接触式智能卡以进行身份​​验证,以防止攻击者使用发送到用户手机的未加密消息。此外,它还冒充了欺骗者发送伪装成银行服务器的SMS的漏洞。非接触式智能卡之所以被提出,是因为它具有灵活性和安全性,比普通的密码生成器更容易引入我们的钱包。用非接触式智能卡代替基于SMS的身份验证,消除了未经授权的用户充当合法用户利用移动银行用户帐户的漏洞。除此之外,我们使用公私钥对和PIN来提供两个因素认证和相互认证。我们使用签密方案来提供计算效率。还建议在登录过程中使用基于对的文本身份验证,以解决肩膀冲浪攻击。我们使用Scyther工具来分析S-Mbank方案中认证协议的安全性。从提出的方案中,我们能够为移动银行服务提供更多的安全保护。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有

  • 客服微信

  • 服务号