A Novel QR Code and mobile phone based Authentication protocol via Bluetooth Sha Liu *1, Shuhua Zhu 2




International Conference on Materials Engineering and Information Technology Applications (MEITA 2015)
2015. The authors - Published by Atlantis Press

A Novel QR Code and mobile phone based Authentication protocol via Bluetooth

Sha Liu *1, Shuhua Zhu 2
*1 School of Information Science and Technology, Jinan University, Guangzhou, China
2 Network & Educational Technology Center, Jinan University, Guangzhou, China
shali@163.com

Keywords: Four-party; QR Code; OTP; Bluetooth; Authentication

Abstract. Password based authentication schemes are widely used in our daily life when we log into websites. However, there are a variety of problems with these simple methods, including susceptibility to unintentional exposure via phishing and cross-site password reuse. We present a novel mobile phone based authentication scheme, which intends to provide security and usability greater than that of traditional two-factor authentication protocols. It contains four parties, i.e. the user, the mobile phone, the current computer and the remote server. At first, the user's personal device, the mobile phone, stores the key token by scanning a QR code, which is sent from the server after the user completes the registration phase. Secondly, the current computer can use the Bluetooth device address registered in the remote server to launch a connection request, and then it can communicate with the mobile phone via Bluetooth. Thirdly, when the user wants to log into a website, the server transmits an OTP (one-time password) to the user's mobile phone through the current computer in order to verify the user. Finally, our scheme achieves mutual authentication via Bluetooth. Our scheme needs only low computation. In terms of users' requirements, our scheme lets legal users request a change of bind-phone over the email address registered during the registration phase. After usability and security analysis, we can demonstrate that the new scheme fits the complicated network environment.

Introduction

The traditional user authentication factors can be divided into three categories: what you know, for example, user name and password; what you have, such as smart cards; what you are, such as fingerprint information. Password-based authentication, which is known as "one-factor authentication", is one of the most widely used and accepted authentication types. It has some natural and practical advantages; however, its disadvantages are also obvious: users tend to use simple and easy-to-guess passwords, and often reuse passwords across different websites [1][2]. Therefore, attackers have chances to steal users' passwords by launching off-line guessing attacks and phishing attacks. Meanwhile, servers store a lot of information in plaintext, which can be easily stolen by attackers. As a result, users' personal information will be leaked, which may even endanger the property security of users [3][4]. So researchers made various efforts and attempts to improve password security, and the idea of one-time password based authentication was proposed later. As the name suggests, in one-time password authentication the password is only effective for a limited time, and the server does not need to store the user's password table. It can resist password guessing and dictionary attacks and achieves a big improvement in security [5]. However, a one-time password is generated by specific complex algorithms, and it is often used in an auxiliary role to help complete the authentication process [6][7]. So many researchers tend to focus on two-factor authentication, which not only inherits the advantages of password-based authentication, but also improves the security of this kind of authentication scheme. In recent years, two-factor authentication, especially the smart card based authentication scheme, because of its low computation and high security, has attracted more and more attention from scholars [8][9][10][11][12][13], but it also has some inevitable problems, such as user usability. Even though smart cards are small and easy to carry, many users are still not used to carrying an additional device when they need to log into a system. In addition, the security of such schemes is questionable. It is based on the premise that information stored on the smart card is secure, but a growing number of studies have indicated that the secret information within the smart card can be extracted through some extraordinary measures, such as forced electricity cut-off, so the security of schemes designed on this assumption cannot be guaranteed.

With the development of smart phones, their features and applications have become more complete. To some extent, the performance of some smart phones is able to compete with small computers. Smart phones have become a necessity of people's daily life. So a new form of two-factor authentication, password and phone, has been proposed in accordance with this trend. It is a perfect solution for meeting users' practical considerations, while the computation and storage capacity of smart phones is much larger than that of smart cards [14][15].

In this paper, we adopt a variety of current mainstream techniques and propose an innovative QR-Code based four-party authentication protocol. There are four parties involved in the authentication process: user, remote server, the current computer, and smart phone. The new protocol uses the two-factor authentication type: password & phone. The user first needs to register with the remote server by name, the phone's Bluetooth device address and e-mail address. Then the phone scans a QR Code that contains the token information generated by the server, and stores the token in the phone. In the authentication process, the current computer uses the Bluetooth address sent by the server to initiate a Bluetooth connection with the user's smart phone, and the current computer sends one-time passwords and other information to the user's smart phone via Bluetooth.

Our Contribution

Our protocol is novel and state of the art. The major innovations are as follows:

Our protocol is a new two-factor based authentication involving four parties. Based on our understanding of the field, ours should be the first scheme to take the user's current computer into consideration in the authentication phase, and to regard the current computer as a trusted device and credible channel in the protocol. This can increase the safety and operability.

Registration information in our protocol includes the user's name, the phone's Bluetooth device address and e-mail address. As far as we know, we are the first to adopt the Bluetooth device address as part of the registration information; previous studies did not take into account the use of the user's Bluetooth device address. Device authentication schemes did not even intend to consider a Bluetooth connection. It can easily and quickly implement a Bluetooth connection between the current computer and the user's smart phone in order to realize the communication. Compared with schemes based on SMS messages, it can avoid the security problems of information transmission and the fees paid to the operators.

Our protocol also uses a currently very popular and commercial two-dimensional code, QR Code technology, as a visual OOB, transmitting the authentication tokens distributed by the registration server and some secret information. It can avoid leakage and theft problems when the server sends messages to the phone, and it can also save overhead and reduce latency.

Our protocol draws on a self-verified timestamp technique [16], in which the party that generates the original timestamp verifies the validity of the counterpart timestamp. This effectively solves the clock synchronization problems in most timestamp based authentication schemes. The timestamps can also be used as nonces, which can save the overhead of generating random numbers.

Our protocol selects a one-time password generation algorithm; users can get the current password via Bluetooth, which can improve the security of the scheme.

Paper Organization

The rest of the paper is organized as follows. Section 4 covers background about several technologies involved in our scheme. Then, we describe our new authentication in detail in section 5. In section 6, we discuss the usability and security of our scheme. Finally, in section 7, we make our conclusions.

Related Work

QR Code. QR Code (Quick Response Code) is a two-dimensional code standard, which was invented by the Japanese company Denso in 1994 [17]. In 2000, it successfully became an ISO International Standard. Initially, QR Code was designed to be applied in the control of automated production processes and design, but later it became widely used in many other areas. QR Code is a matrix symbol, with high data capacity, high-speed data acquisition, high-density data printing and other features. Compared to linear one-dimensional codes, a two-dimensional code can store more data and requires a relatively longer time to read and process the data.

QR Code Based Authentication. More and more people are paying attention to this small two-dimensional code because it is really convenient: people can add friends, log into a website and even complete a payment by scanning it. In social networking and commerce it is already everywhere, and some researchers have studied authentication based on it. In 2006, McCune [18] proposed a two-dimensional code based device pairing authentication framework. This is the first instance of a detailed application of the two-dimensional code in an authentication scheme. In 2009, Guenther et al [19] proposed a QR Code and mobile phone based two-factor "challenge-response" mechanism as an authentication scheme, which contains "data + nonce" content called "QR-TAN". It was the first time that QR Code was considered as the main technology in an authentication scheme. But the scheme was based on a public and private key system, and there were no good methods to solve the problem of generation and distribution of keys, making it difficult to promote this method in practical use. In 2010, Liao et al [20] proposed an innovative QR Code based one-time password authentication protocol. It uses a timestamp technique in place of conventional random numbers to achieve lower computation and small storage. However, the protocol did not take into account the need to address timestamp network clock synchronization issues, and it has been demonstrated that the protocol still has security flaws. In 2013, Harini [21] proposed a two-factor authentication scheme called "2CA" that was based on a public-private key system. It adopted multiple technologies, such as QR Code, one-time password and smart card, to achieve mutual authentication. However, the scheme faces the same problem as Liao's. Besides, users need to carry a smart card, so the usability is greatly reduced. In the same year, Soonduck et al [22] proposed a simple authentication scheme based on QR Code. This scheme used user name and password, and then verified the mobile phone by scanning a two-dimensional code to complete the two-way authentication process.

Proposed Scheme

There are four parties involved in our scheme, including a remote server (S), the current computer (C), user (U) and mobile phone (M). The authentication process is divided into four phases as follows: the preliminary phase, the registration phase, the login phase, the authentication phase and the change bind-phone phase.

Smart phones as defined in our scheme should have some features: a relatively moderate size, a high resolution touch screen and a high pixel camera, meaning that the phone has relatively strong computing power and can handle relatively sophisticated authentication information.

Notations of the symbols used in the scheme are as follows:

: User identification
B_Adds: Bluetooth device address
E_Adds: E-mail address
K: Long-term key of the remote server
Token: The token issued by the remote server to the user
E_QR(.): QR Code encryption algorithm
D_QR(.): QR Code decryption algorithm
OPW: OTP password generated by the remote server
h(.): One-way secure hash function
T: Current timestamp

[Fig 1. Four-party authentication scheme. The user and the PC hold the Bluetooth device address and e-mail; the PC connects with the user's mobile phone via Bluetooth and retransmits messages from the server; the server computes the OTP password and selects a random number; the mobile phone performs the QR Code decoding operation; server and phone share a key token.]

Preliminary phase. During the authentication process between U and M, U should confirm the identity of M, and M also needs to check the identity of U by password and gesture.

[Fig 2. Authentication between user and mobile phone]

Registration phase:
Step 1. U submits , B_Adds and E_Adds to S.
Step 2. S checks , and E_Adds; if any information has already been registered, S requires U to reselect new information. Otherwise, S computes Token h(K T_r), E_QR(Token).
Step 3. U computes D_QR(E_QR(Token)) Token, and stores it securely on the phone.

[Fig 3. Registration phase. Parties: User (U), Computer (C), Remote Server (S), Mobile phone (M). Channels: physical channel, visual OOB channel.]

Login phase.
Step 1. U sends a login request, and inputs . S sends B_Adds to C, then C initiates a Bluetooth connection with M through B_Adds.
Step 2. S generates the password OPW and transmits it to C, and C forwards it to the user's mobile phone M via Bluetooth; the user then obtains OPW.
Step 3. U submits {, h(OPW T1), T1} to S.

[Fig 4. Login phase. Parties: User (U), Computer (C), Remote Server (S), Mobile phone (M). Channels: physical channel, Bluetooth channel.]

Authentication phase:
Step 1. S authenticates {, h(OPW T1), T1}, and generates a random number R. S computes Token h(K T_r), A E_Token(T1 T2 R), B h(T1 R T2), where T2 is the current timestamp of S.
Step 2. S transmits E_QR(A), B to U.
Step 3. After receiving the information from S, U calculates D_QR(E_QR(A)) A, D_Token(A) D_Token(E_Token(T1 T2 R)) T1 T2 R. U checks T1* T1 T, where T1* is the current timestamp of U. If the inequality holds, U verifies B* h(T1 R T2) B. If the equality holds, U successfully authenticates S.
Step 4. U calculates C E_Token(T3 T2 R) and D h(T3 R T2), then sends the message {C, D} via Bluetooth, and it is finally transferred to S.
Step 5. When receiving the message from U, S computes D_QR(E_QR(C)) C, D_Token(C) D_Token(E_Token(T3 T2 R)) T3 T2 R. S should verify that R is equal to the initial value. Then S checks T2* T2 T, where T2* is the current timestamp of U. If the inequality holds, S should verify D* h(T3 R T2) D. If the equality holds, S successfully authenticates U. So far, U and S have completed the two-way authentication.
Step 6. S calculates Token1 h(K T_r T_a1), E_QR(Token1). T_a1 is a timestamp of S.
Step 7. U computes D_QR(E_QR(Token1)) Token1 and stores it on the phone in place of the old one.

[Fig 5. Authentication phase. Parties: User (U), Computer (C), Remote Server (S), Mobile phone (M). Channels: Bluetooth channel, physical channel, visual OOB channel.]

Change bind-phone phase

If the user's previous bind-phone has been lost or stolen, the user can send a request to the remote server to change the bind-phone.
Step 1. U enters and sends the change request to S. An audio document contains some random characters generated by S, and it is sent to the associated e-mail address registered by the user in the registration phase. U should download the audio document and read it, then input the random characters AD.
Step 2. U submits { h(AD T1), T1, NewB_Add} to S, where T1 is the current timestamp of U.
Step 3. S checks T1 T1 T, where T1 is the current timestamp of S, and verifies the validity of , NewB_Add.

Step 4. S checks A* hm(T1) A. If the equation holds, S accepts U's request to change the bind-phone.
Step 5. S recalculates Token_c h(K T_r T_c), E_QR(Token_c). U uses a new mobile phone to read it and compute D_QR(E_QR(Token_c)) Token_c, and stores it on the new phone.

Security and Performance Analysis

Usability Analysis.
1. Calculation. Throughout the certification process, only one-way hash function arithmetic and QR Code encryption and decryption operations are involved. Therefore, the computation load of the whole scheme is relatively low, and the new scheme can be applied to many lightweight computation based applications, while it is also very easy to implement on devices.
2. Technology. Our scheme draws on the self-verified timestamp technology. It not only solves the problem of clock synchronization, but also avoids the resource consumption of random number generation. Compared to similar schemes, our scheme is more efficient and simple. The scheme also uses a one-time password, which combined with the timestamp technology enhances authentication security. For servers, our scheme reduces the overhead of storing a password table and avoids the risk of leaked passwords. To a certain extent, it improves the efficiency of authentication.
3. Equipment. The authentication scheme needs only the user's mobile phone, which is regarded as daily-life auxiliary equipment, without any additional hardware. There is no doubt that our scheme could eliminate extra burden on users and improve the usability of the scheme.

Security Analysis.
1 Attack Model. We assume that the certification environment is relatively closed, not including broader common areas such as train stations and airports. In these places, there are many factors interfering with the authentication process that we cannot control. We assume that information transmitted over the visual OOB channel cannot be eavesdropped, blocked or modified. Messages transmitted via Bluetooth may be eavesdropped by attackers; in other words, an attacker could replay and modify this information, which affects the certification process.
2 Security Features.
1) Mobile Information Security. In our authentication scheme, the mobile phone, as the long-term storage medium of the token, plays a crucial role in the authentication, and the user should store it safely. However, once the mobile phone is lost or stolen, the user can change the server bind-phone and rebind a new phone. So even people who have got the phone can't log in through the mobile phone directly and can't get the server's long-term key K from Token, because of the security of the one-way hash function; therefore our scheme can ensure information security.
2) Remote server security. From the previous section, an attacker finds it difficult to forge a legal user by Token. Both server and user know long-term key K, as the one-way hash function is not reversible. Meanwhile the attacker can't impersonate the server, because the attacker can't get one-time passwords and the user's phone Token.
3) The current computer security. The current computer is regarded as a secure channel to transmit information between the mobile phone and the server via Bluetooth; it is suggested that the user should do the login operation on their own computer. When the computer has connected with the user's phone over Bluetooth, the user needs to confirm whether it is their current computer. In the authentication process, messages are appended with a timestamp and undergo cryptographic operations before they are transmitted through the current computer. This allows the server and user to verify whether a message is original, which largely avoids man-in-the-middle attacks and replay attacks, so the current computer can be trusted.
4) User Security. If users always carefully keep their mobile phones, attackers will not have a chance to obtain a user's phone. In the authentication process, the user needs to use the mobile phone for a Bluetooth connection to transfer messages; the attacker can't get the user's mobile phone. The communication information all contains a timestamp and hash operations, thus ensuring that information can't be eavesdropped by an attacker.

Conclusion

In this paper, a novel QR-Code based authentication scheme is presented. Four parties participate in the scheme: a remote server (S), the current computer (C), user (U) and mobile phone (M). The new scheme draws on a self-verified timestamp technology and QR Code technology to resist replay attacks and man-in-the-middle attacks. In addition, it adopts a one-time password to improve the security of authentication. It uses a mobile phone to connect with the current computer via Bluetooth, which reduces consumption and improves efficiency. In our scheme, we select a one-way hash function and encryption and decryption operations for the two-dimensional code, which require low computation. After usability analysis and security analysis, we find that our scheme is simpler, more secure and friendlier compared with other schemes of a similar type, and it is well suited to practical applications.

Acknowledgements

This work is supported by the National Natural Science Foundation of China (Grant No. 61272415, 61272413, 61133014). It is also supported by the Science Program of Guangdong Province, China (Grant No. 2012A080102007, 2011B090400324, 2011B090400469, 2012B0403050 08, 2012B091000136, 2012B091000038), the Engineering Research Center Program of Guangdong University, China (Grant No. GCZX-A1103) and the Technology Plan Program of Guangzhou City, China (Grant No. 2013Y2-00071).

Reference

[1] Yan J J, Blackwell A F, Anderson R J, Grant A. Password Memorability and Security: Empirical Results. IEEE Security & Privacy, 2004, 2, (5), pp 25-31.
[2] Bonneau J. Measuring password re-use empirically. Light Blue Touchpaper, 2011.
[3] Bonneau J, Herley C, Van Oorschot P C, et al. The Quest to Replace Passwords: A Framework for Comparative Evaluation of Web Authentication Schemes. In Proceedings of the 2012 IEEE Symposium on Security and Privacy, IEEE, May 2012, pp 553-567.
[4] National Cybersecurity Awareness Month Updates. https://www.facebook.com/notes/facebook-security/national-cybersecurity-awareness-month-updates/10150335022240766 accessed 2011.
[5] Haller N, Metz C, Nesser P, et al. A one-time password system. RFC 1938, May 1996.
[6] Haller N. The S/KEY one-time password system. 1995.
[7] Liao I E, Lee C C, Hwang M S. A password authentication scheme over insecure networks [J]. Journal of Computer and System Sciences, 2006, 72, (4), pp 727-740.
[8] Lamport L. Password authentication with insecure communication. Communications of the ACM, 1981, 24, (11), pp 770-772.
[9] Hwang M S, Li L H. A new remote user authentication scheme using smart cards. IEEE Transactions on Consumer Electronics, 2000, 46, (1), pp 28-30.
[10] Das M L, Saxena A, Gulati V P. A dynamic ID-based remote user authentication scheme. IEEE Transactions on Consumer Electronics, 2004, 50, (2), pp 629-631.
[11] Xu J, Zhu W T, Feng D G. An improved smart card based password authentication scheme with provable security. Computer Standards and Interface, 2009, 31, (4), pp 723-728.
[12] Song R. Advanced smart card based password authentication protocol. Computer Standards and Interfaces, 2010, 32, (5), pp 321-325.
[13] Li X, Niu J W, Khan M K, et al. An enhanced smart card based remote user password authentication scheme. Journal of Network and Computer Applications, 2013, 36, (5), pp 1365-1371.
[14] D. van Thanh, T. Jonvik, B. Feng and I. Jorstad. Simple Strong Authentication for Internet Applications using Mobile Phone, in Global Telecommunication Conference (IEEE GLOBECOM), New Orleans, 2008.
[15] Aloul F, Zahidi S, El-Hajj W. Two factor authentication using mobile phones. 2009 ACS International Conference on Computer Systems and Applications, AICCSA 2009. IEEE, 2009, pp 641-644.
[16] Tsaur W J, Li J H, Lee W B. An efficient and secure multi-server authentication scheme with key agreement. Journal of Systems and Software, 2012, 85, (4), pp 876-882.
[17] QR Code.com. http://www.denso-wave.com/qrcode/index-e.html accessed: Sept 16, 2009.
[18] McCune J M, Perrig A, Reiter M K. Seeing-is-believing: Using camera phones for human-verifiable authentication. Security and privacy. Proceedings of the 2005 IEEE Symposium on Security and Privacy. IEEE, 2005, pp 110-124.
[19] Starnberger G, Froihofer L, Göschka K M. QR-TAN: Secure mobile transaction authentication. 2009 International Conference on Reliability and Security, ARES09. IEEE, 2009, pp 578-583.
[20] Liao K C, Lee W H. A novel user authentication scheme based on QR-code. Journal of Networks, 2010, 5, (8), pp 937-941.
[21] Harini N, Padmanabhan T R. 2CAuth: A New Two Factor Authentication Scheme Using QR-Code. International Journal of Engineering & Technology, 2013, 5, (2), pp 1087-1094.
[22] Yoo S, Shin S, Ryu D. An effective Two Factor Authentication Method using QR code. 2013.
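
Steps 1 to 5 of the authentication phase, with the self-verified timestamp check that the security analysis relies on against replay, as an added Python example (not the authors' code). Assumptions: SHA-256 for h(.), length-prefixed concatenation as the field join, an HMAC-based stand-in for E_Token/D_Token, a 30-second window, QR and Bluetooth transport omitted, and all function names hypothetical.

```python
import hashlib
import hmac
import secrets
import struct

DELTA_T = 30  # assumed freshness window in seconds; the paper gives no value

def h(*fields: bytes) -> bytes:
    """h(.) as SHA-256 over length-prefixed fields (hash and join rule are assumptions)."""
    digest = hashlib.sha256()
    for field in fields:
        digest.update(struct.pack(">I", len(field)) + field)
    return digest.digest()

def ts(t: int) -> bytes:
    return struct.pack(">Q", t)

def _stream(key: bytes, nonce: bytes, n: int) -> bytes:
    blocks = (hmac.new(key, nonce + struct.pack(">I", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def seal(token: bytes, plain: bytes) -> bytes:
    """Stand-in for E_Token: HMAC-SHA256 keystream, then encrypt-then-MAC."""
    nonce = secrets.token_bytes(16)
    body = bytes(p ^ k for p, k in zip(plain, _stream(h(b"enc", token), nonce, len(plain))))
    tag = hmac.new(h(b"mac", token), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def unseal(token: bytes, blob: bytes) -> bytes:
    """Stand-in for D_Token: rejects anything not sealed under the same token."""
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expect = hmac.new(h(b"mac", token), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        raise ValueError("not sealed under this token")
    return bytes(c ^ k for c, k in zip(body, _stream(h(b"enc", token), nonce, len(body))))

def unpack(plain: bytes):
    ta, tb = struct.unpack(">QQ", plain[:16])
    return ta, tb, plain[16:]

def server_challenge(token: bytes, t1: int, s_now: int):
    """Step 1: S stamps T2 from its own clock, draws R, returns (A, B) and the state it keeps."""
    r, t2 = secrets.token_bytes(16), s_now
    return (seal(token, ts(t1) + ts(t2) + r), h(ts(t1), r, ts(t2))), (t2, r)

def user_respond(token: bytes, msg, u_now: int):
    """Steps 3-4: U judges its own T1 on its own clock, checks B, builds (C, D)."""
    a, b = msg
    t1, t2, r = unpack(unseal(token, a))
    if not 0 <= u_now - t1 <= DELTA_T:
        raise ValueError("T1 outside the window")
    if not hmac.compare_digest(b, h(ts(t1), r, ts(t2))):
        raise ValueError("B mismatch")
    t3 = u_now
    return seal(token, ts(t3) + ts(t2) + r), h(ts(t3), r, ts(t2))

def server_verify(token: bytes, state, msg, s_now: int) -> bool:
    """Step 5: S checks R, judges its own T2 on its own clock, checks D."""
    (t2, r), (c, d) = state, msg
    try:
        t3, t2_echo, r_echo = unpack(unseal(token, c))
    except ValueError:
        return False
    if t2_echo != t2 or not hmac.compare_digest(r_echo, r):
        return False
    if not 0 <= s_now - t2 <= DELTA_T:
        return False
    return hmac.compare_digest(d, h(ts(t3), r, ts(t2)))

def demo():
    token = h(b"constructed key K", b"constructed T_r")  # constructed sample token
    u_clock, s_clock = 1_000_000, 5_000_000              # clocks deliberately unsynchronised
    msg, state = server_challenge(token, u_clock, s_clock)
    reply = user_respond(token, msg, u_clock + 2)
    fresh = server_verify(token, state, reply, s_clock + 3)
    late = server_verify(token, state, reply, s_clock + DELTA_T + 1)
    try:
        user_respond(token, msg, u_clock + DELTA_T + 1)
        stale_rejected = False
    except ValueError:
        stale_rejected = True
    return fresh, late, stale_rejected

if __name__ == "__main__":
    print(demo())
```

Inside the window the same {C, D} still verifies a second time, so a server applying this check should also discard its stored (T2, R) after the first successful run.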