Change search
ReferencesLink to record
Permanent link

Direct link
Strong Authentication Protocol using PIV Card with Mobile Devices
KTH, School of Information and Communication Technology (ICT).
2013 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Nowadays weak single-factor authentication mechanisms like passwords or passphrases are commonly used. Static passwords are easy to use, just remember them in mind. However it has many security weaknesses and even strong passwords are not strong enough. For example, strong secrets are difficult to remember, and people tend to share authentication credentials across systems, which reduce the overall security tremendously. Thus, for security sensitive environment we need strong multi-factors authentication. Smart card based certificate strong authentication solution can be used as a replacement for standard password-based schemes. And also a large existing base of deployed smart cards used to provide authentication in other areas can be reused to reduce costs significantly.

This master thesis presents a study of how to implement certificate-based strong authentication on mobile devices using PIV smart card. It proposes a strong authentication protocol based on FIPS 201 Personal Identity verification standard, and FIPS 196 entity strong authentication protocol scheme, and describes the implementation of a mobile security application developed on iOS system using a smart card reader. Our solution can provide high level of security services for mobile applications, and can easily protect their confidentiality, integrity and authenticity.

Place, publisher, year, edition, pages
2013. , 45 p.
Trita-ICT-EX, 2013:120
Keyword [en]
Mobile Applications Security, Strong Authentication, Smart Card
National Category
Engineering and Technology
URN: urn:nbn:se:kth:diva-128418OAI: diva2:647485
Educational program
Master of Science - Software Engineering of Distributed Systems
Available from: 2013-09-11 Created: 2013-09-11 Last updated: 2013-09-11Bibliographically approved

Open Access in DiVA

fulltext(2273 kB)605 downloads
File information
File name FULLTEXT01.pdfFile size 2273 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 605 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 848 hits
ReferencesLink to record
Permanent link

Direct link