Title: A location-based multi-factor authentication scheme for mobile devices

Authors: Bimal Kumar Meher; Ruhul Amin

Addresses: Department of Computer Science and Engineering, Silicon Institute of Technology, Bhubaneswar, India ' Department of Computer Science and Engineering, IIIT Naya Raipur, Chattisgarh, 493661, India

Abstract: In this paper, we propose a robust and user-friendly multi-factor authentication scheme without using smart card to reduce the operational overhead and hardware cost incurred due to the card reader. It also eliminates the issues when the smart card is lost/stolen. Secondly, we delegate a part of the computational load of the RAC to the server to balance the load between RAC and server. Thirdly, we introduce the location information of the user's device as another factor without using the GPS service of the mobile device. It helps to authenticate a user with a single sign-on to receive several related services without entering his user ID, password and biometric data again and again. Our scheme uses elliptic curve-based cryptography (ECC) to achieve a robust system with less memory consumption. We have analysed our authentication scheme from several online security threats and verified it to be safe using the Scyther Tool.

Keywords: authentication; multi-factor; location; elliptic curve-based cryptography; ECC.

DOI: 10.1504/IJAHUC.2022.126113

International Journal of Ad Hoc and Ubiquitous Computing, 2022 Vol.41 No.3, pp.181 - 190

Accepted: 05 Dec 2021
Published online: 11 Oct 2022 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article