A Novel Approach to Many-to-Many User Authentication in Different Information Systems

In this paper, we propose a novel approach to many-to-many user authentication in heterogeneous information systems. The described solution is based on the use of wireless keys – special devices that identify the user by transmitting the requested key information over a wireless network. The key feature of the proposed approach is noninteractive operating mode that allows to use a special encryption algorithm instead of two-way authentication. The algorithm is built on the basis of existing cryptographic primitives that prevents unauthorized system participants from getting access to the data of other users, even with physical access to the memory of the key. This approach does not require computational power or the battery on the key side and does not involve the user in the authentication process that allows implementing a method on passive NFC tags. To proof the concept, software implementation of the described system was developed and a qualitative comparison of the resulting solutions with existing analogues was conducted.

authentication, wireless networking, information systems security

1. Dan Griffin. Safer Authentication with a One–Time Password Solution // MSDN. 2008. Magazine 5.

2. ПИН-код ПЛАС №122. 2007

3. Цифровой сертификат //URL: www.authority.ru/scdp/page?als=504349

4. Криптографический токен //URL: www.rsa.com/rsalabs/node.asp?id=2133

5. Biometrics research Group – What is biometrics? //URL: http://biometrics.cse.msu.edu/info/index.html

6. Biddle R., Chiasson S., van Oorschot P.C. Graphical Passwords: Learning from Fisrt Generation, Technical Report TR-09-09 / School of Computer Science, Carleton University, Ottawa, Canada, 2009.

7. Беспроводной ключ от ПК //URL: http://www.rohos.ru/2011/05/security-performanceswith-wireless-pc-lock/

8. Комар М. Защищенное хранилище документов: выпускная квалификационная работа бакалавра. Ярославль, 2013. (Komar M. Zashchishchennoe khranilishche dokumentov: vypusknaya kvalifikatsionnaya rabota bakalavra. Yaroslavl, 2013 [in Russian]).

9. Petrov Vitaly, Komar Maria, Koucheryavy Yevgeni. A Lightweight Many-to-Many Authentication Protocol for Near Field Communications // 21st IEEE International Conference on Network Protocols, Goettingen, Germany.

10. Google Inc. – Google Wallet //URL: www.google.com/wallet/ 26.05.2011

11. Apple iWallet //URL: www.patentlyapple.com/patently-apple/tech-nfc/ 11.06.2013

12. codeREADr project //URL: www.codereadr.com/, 2009-2013

13. Универсальная электронная карта //URL: http://www.uecard.ru/, 2010 – 2013

14. VeriChip //URL: www.positiveidcorp.com/. 2013

15. Single point of failure //URL: www.techopedia.com/definition/4351/single-point-of-failurespof

16. Kerberos: The Network Authentication Protocol //URL: http://web.mit.edu/kerberos/

17. ГОСТ Р ИСО/МЭК 17799-2005 (GOST R ISO/MEK 17799-2005 [in Russian]).

18. Терехов А.Н.,Тискин А.В. Криптография с открытым ключом: от теории к стандарту // Программирование. 1994. №5 (сентябрь-октябрь). С. 17–22. (Terekhov A.N.,Tiskin A.V. Kriptografiya s otkrytym klyuchom: ot teorii k standartu // Programmirovanie. 1994. No 5. S. 17–22 [in Russian]).

19. Advanced Encryption Standard //URL: csrc.nist.gov/publications/fips/fips197/fips-197.pdf

20. Xuejia Lai and James Massey. A Proposal for a New Block Encryption Standard // EUROCRYPT. 1990.

21. WiFi Alliance //URL: http://www.wi-fi.org/

22. Wireless USB Specification //URL: http://www.businesswire.com/news/home/20100929005516/en/Wireless-USB-1.1-Specification