Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Strong Authentication Protocol using PIV Card with Mobile Devices
KTH, School of Information and Communication Technology (ICT).
2013 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Nowadays weak single-factor authentication mechanisms like passwords or passphrases are commonly used. Static passwords are easy to use, just remember them in mind. However it has many security weaknesses and even strong passwords are not strong enough. For example, strong secrets are difficult to remember, and people tend to share authentication credentials across systems, which reduce the overall security tremendously. Thus, for security sensitive environment we need strong multi-factors authentication. Smart card based certificate strong authentication solution can be used as a replacement for standard password-based schemes. And also a large existing base of deployed smart cards used to provide authentication in other areas can be reused to reduce costs significantly.

This master thesis presents a study of how to implement certificate-based strong authentication on mobile devices using PIV smart card. It proposes a strong authentication protocol based on FIPS 201 Personal Identity verification standard, and FIPS 196 entity strong authentication protocol scheme, and describes the implementation of a mobile security application developed on iOS system using a smart card reader. Our solution can provide high level of security services for mobile applications, and can easily protect their confidentiality, integrity and authenticity.

Place, publisher, year, edition, pages
2013. , 45 p.
Series
Trita-ICT-EX, 2013:120
Keyword [en]
Mobile Applications Security, Strong Authentication, Smart Card
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:kth:diva-128418OAI: oai:DiVA.org:kth-128418DiVA: diva2:647485
Educational program
Master of Science - Software Engineering of Distributed Systems
Examiners
Available from: 2013-09-11 Created: 2013-09-11 Last updated: 2013-09-11Bibliographically approved

Open Access in DiVA

fulltext(2273 kB)706 downloads
File information
File name FULLTEXT01.pdfFile size 2273 kBChecksum SHA-512
537d48e745fe5abdd1a872de015ea57853ab0ca5a36821c4ae1143cd2027e66cc31978130ec4064ae4962491853d126c614f45ac8646da15cb89081a7f5511e1
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 706 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 888 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf