Title: Verification and analysis of solution based on mobile PKI for signing and user identity

Authors: Kapil Kant Kamal; Sunil Gupta; Padmaja Joshi; Monit Kapoor

Addresses: School of Computer Science, University of Petroleum and Energy Studies, Dehradun, Uttarakhand, India ' School of Computer Science, University of Petroleum and Energy Studies, Dehradun, Uttarakhand, India ' Centre for Development of Advanced Computing (C-DAC), Maharashtra, India ' Chitkara University Institute of Engineering and Technology, Chitkara University, Rajpura, Punjab, India

Abstract: As mobile devices become more popular, there is an increasing need for user identification and digital identity verification for online and offline transactions. In certain countries, mobile phones are widely available at affordable prices, offering identity solutions based on either subscriber identity module (SIM) or hardware security module (HSM) that operate on public key infrastructure (PKI). This paper proposes a novel solution for a mobile identity framework based on elliptic curve cryptography (ECC) encompassing user authentication and signature. Our proposed approach is hardware-agnostic and does not rely on a SIM card. Additionally, it is cost-efficient without any third-party dependency. We perform informal security analysis to prove that our framework is secure from various attacks. Furthermore, we conduct formal security evaluations utilising the Scyther Security Protocols Tool and Burrows-Abadi-Needham (BAN) logic. We also evaluate the performance of our system and compare it with other protocols.

Keywords: encryption; signing; authentication; cryptographic; elliptic curve cryptography; ECC; mobile services.

DOI: 10.1504/IJCIS.2026.153813

International Journal of Critical Infrastructures, 2026 Vol.22 No.2, pp.201 - 218

Received: 11 Jan 2024
Accepted: 23 Jul 2024
Published online: 27 May 2026 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article