Authentication schemes for Smart Mobile Devices: Threat Models, Countermeasures, and Open Research Issues

03/27/2018
by   Mohamed Amine Ferrag, et al.

This paper presents a comprehensive investigation of authentication schemes for smart mobile devices. We start by providing an overview of existing survey articles published in the recent years that deal with security for mobile devices. Then, we describe and give a classification of threat models in smart mobile devices in five categories, including, identity-based attacks, eavesdropping-based attacks, combined eavesdropping and identity-based attacks, manipulation-based attacks, and service-based attacks. We also provide a classification of countermeasures into four types of categories, including, cryptographic functions, personal identification, classification algorithms, and channel characteristics. According to these, we categorize authentication schemes for smart mobile devices in four categories, namely, 1) biometric-based authentication schemes, 2) channel-based authentication schemes, 3) factor-based authentication schemes, and 4) ID-based authentication schemes. In addition, we provide a taxonomy and comparison of authentication schemes for smart mobile devices in the form of tables. Finally, we identify open challenges and future research directions.


I Introduction

Mobile devices are going to take a central role in the Internet of Things era [1]. Smart phones, assisted by 5G technology that provides continuous and reliable connectivity [2], will soon be able to support applications across a wide variety of domains such as homecare, healthcare, social networks, safety, environmental monitoring, e-commerce and transportation [3]. The storage capacity of mobile phones increases rapidly, and phones can today generate and store large amounts of data of many different types. Modern capabilities of smart phones such as mobile payment [4] and mobile digital signing [5] of documents can help the digitalization of both the private and the public sector, raising new security and privacy requirements [6].

As shown in Figure 1, there are two types of access to smart mobile devices during the authentication phase, namely, 1) users accessing smart mobile devices, and 2) users accessing remote servers via smart mobile devices. Mobile devices are protected by methods ranging from a single personal identification number (PIN) to passwords or unlock patterns, all of which have been shown to be vulnerable to different kinds of attacks [7]. Moreover, it has been shown that the main types of breaches that systems face today relate to attacks that exploit human behavior, which makes more sophisticated security and privacy measures a necessity [8]. Even when strong authentication techniques are used during the initial access to the mobile device, there is a growing need for continuous authentication of legitimate users based on their physiological or behavioral characteristics [9]. That way, approaches that exploit biometrics, such as fingerprint, face, iris, retina or hand recognition, or dynamic behavior such as voice recognition, gait patterns or keystroke dynamics, can help detect impostors in real time [10]. Every new authentication method comes with a possible risk of low user acceptance due to latency and increasing complexity [11].

In order to keep stored data from falling into the wrong hands, cryptographic algorithms, the conventional means of authenticating users and protecting messages exchanged over insecure networks, can be used [2]. Only a user who possesses the correct cryptographic key can access the encrypted content. Cryptographic algorithms fall into two main groups [12], symmetric key cryptography and public key cryptography; the latter, although more flexible, is costly to apply to short messages because of the latency it introduces [13]. If an adversary obtains the secret key of a legitimate user, the resulting misuse is very difficult to detect on the server side, because the adversary's messages are indistinguishable from the user's.

For the process of conducting the literature review, we follow the same process as in our previous work [14]. Specifically, the identification of literature for analysis in this paper was based on a keyword search, namely, "authentication scheme", "authentication protocol", "authentication system", and "authentication framework". Searching for these keywords in academic databases such as SCOPUS, Web of Science, IEEE Xplore Digital Library, and ACM Digital Library, an initial set of relevant sources was located. Firstly, only proposed authentication schemes for smart mobile devices were collected. Secondly, each collected source was evaluated against the following criteria: 1) reputation, 2) relevance, 3) originality, 4) date of publication (between 2007 and 2017), and 5) influence in the field. The final pool of papers consists of the most important papers in the field of mobile devices that have authentication as their objective. Our search started on 01/11/2017 and continued until the submission date of this paper.

The current article makes the following contributions:

  1. Discusses the existing surveys on security for mobile devices.

  2. Discusses threat models.

  3. Presents state of the art countermeasures and security analysis techniques.

  4. Analytically presents authentication schemes for Smart Mobile Devices.

  5. Discusses open issues and provides future research directions.

The remainder of this paper is organized as follows. Section II presents the existing surveys on security for mobile devices. In Section III, we provide a classification for the threat models for mobile devices. In Section IV, we present countermeasures used by the authentication schemes for smart mobile devices. In Section V, we present a side-by-side comparison in a tabular form for the current state-of-the-art of authentication schemes for mobile devices. Then, we discuss open issues and recommendations for further research in Section VI. Finally, we draw our conclusions in Section VII.

Ref. | Marks (threat models, countermeasures, security analysis techniques, security systems, authentication schemes) | Surveyed papers
La Polla et al. (2013) [15] | X 0 | 2004 - 2011
Khan et al. (2013) [3] | X X X X | 2005 - 2008
Harris et al. (2014) [16] | X X X X | 2005 - 2012
Meng et al. (2015) [9] | 0 X 0 0 | 2002 - 2014
Faruki et al. (2015) [17] | 0 X X | 2010 - 2014
Teh et al. (2016) [18] | X 0 X 0 0 | 2012 - 2015
Alizadeh et al. (2016) [19] | 0 0 X 0 0 | 2010 - 2014
Patel et al. (2016) [7] | 0 X X 0 0 | 2010 - 2015
Gandotra et al. (2017) [20] | 0 X X | 2010 - 2015
Spreitzer et al. (2017) [21] | 0 X X X | 2010 - 2016
Our work | | 2007 - 2017

TABLE I: A summary of related survey papers (✓: indicates fully supported; X: indicates not supported; 0: indicates partially supported)
Fig. 1: Types of communication for the smart mobile devices during the authentication, (a) users accessing smart mobile devices, (b) users accessing remote servers via smart mobile devices

II Existing Surveys on Security for Smart Mobile Devices

There are around ten survey articles published in recent years that deal with security for mobile devices. These survey articles are categorized as shown in Table I. La Polla et al. in [15] present a survey on security for mobile devices. They start by describing different types of mobile malware and outline the key differences between security solutions for smartphones and for traditional PCs. They also analyze the threats targeting smartphones, covering both the methodologies that can be used to perform an attack in a mobile environment and the ways these methodologies can be exploited for different purposes. Based on their analysis, which was conducted back in 2013, the authors present security solutions, focusing mostly on those that exploit intrusion detection systems and trusted platform technologies. In the same year, Khan et al. in [3] performed a thorough survey on mobile devices, seeing them not as communication devices but as personal sensing platforms. Their research focused on two main categories, participatory and opportunistic mobile phone sensing systems. With that in mind, they presented the existing work in the area of security of mobile phone sensing. They concluded that security and privacy issues need more attention when developing mobile phone sensing systems and applications, since mobile phones are used for social interactions and users' private data are therefore exposed. In a later survey article [16], Harris et al. tried to identify the emerging security risks that mobile devices impose on SMEs and provided a set of minimum security recommendations that SMEs can apply to mobile devices. Their recommendations are framed around a fundamental dilemma: whether to move into the mobile era, facing higher risks and investing in costly security technologies, or to postpone the business mobility strategy in order to protect enterprise and customer data and information.

Focusing on Android platforms, Faruki et al. in [17] surveyed several security aspects, such as code transformation methods and the strengths and limitations of notable malware analysis and detection methodologies. By analyzing several malware families and the different methods used to tackle a wide variety of new malware, they concluded that a comprehensive evaluation framework incorporating robust static and dynamic methods may be the solution to this emerging problem.

Since passwords and PINs are authentication solutions with many drawbacks, Meng et al. in [9] conducted a thorough study of biometric-based methods used on mobile phones. The authors included in their survey both physiological and behavioral approaches on mobile phones, analyzed the feasibility of deploying them on touch-enabled mobile phones, and identified the existing attack points and their corresponding countermeasures. Based on their analysis they concluded that a hybrid authentication mechanism, combining multimodal biometric authentication with traditional PINs or passwords, can enhance both the security and the usability of the system. In order to further enhance the security and privacy of mobile devices, active authentication techniques, which constantly monitor the behavior of the user, are employed. These methods are surveyed in [7], where a thorough analysis of their advantages and limitations is presented along with open areas for further exploration. Using physiological and behavioral biometrics-based techniques similar to the ones surveyed in [9], but applied continuously and not only during initial access, multimodal biometric fusion methods have been found to be the most efficient in terms of security and usability. One main issue that arises from the use of biometric characteristics is their possible theft, which can be prevented with the use of template protection schemes. A similar survey [18] that discusses touch dynamics authentication techniques for mobile devices was published in 2016. Touch dynamics is a behavioral biometric that captures the way a person interacts with a touch screen device, for both static and dynamic authentication of users. Teh et al. in [18] present detailed implementations and experimental settings covering data acquisition, feature extraction, and decision-making techniques.

Alizadeh et al. in [19] discuss authentication issues in mobile cloud computing (MCC) and compare them with those of cloud computing. They present both cloud-side and user authentication methods and identify the parameters that are important for designing modern authentication systems for MCC in terms of security, robustness, privacy, usability, efficiency and adaptability. In another survey article published in 2017 [21], Spreitzer et al. focused on side-channel attacks against mobile devices, and briefly discussed other attacks that have been applied in the smartcard or desktop/cloud setting, since the interconnectivity of these systems makes smart phones vulnerable to them as well. The authors concluded that most of the attacks target Android devices, which is related to the large market share of the Android platform. They also proposed that future research should focus on wearables, e.g. smart watches, which may suffer from the same attacks in the near future, and pointed out that side-channel attacks can be combined with attacks that exploit software vulnerabilities in order to become more effective.

Aslam et al. in [22] review the authentication protocols proposed for access to Telecare Medical Information Systems and discuss their strengths and weaknesses in terms of the security and privacy properties they ensure and their computation cost. The schemes are divided into three broad categories: one-factor, two-factor and three-factor authentication schemes. Velasquez et al. in [23] present existing authentication techniques and methods in order to discern the most effective ones for different contexts. In [23], Kilinc and Yanik review and evaluate several SIP authentication and key agreement protocols according to their performance and security features.

Finally, in the last survey article published in 2017 [20], Gandotra et al. survey device-to-device (D2D) communications along with their security issues, with a primary focus on jamming attacks. In D2D communications, the lack of a trusted central entity makes the communication susceptible to malicious attacks. Apart from traditional security solutions, such as channel modulation, MIMO techniques, encryption and secrecy capacity, the authors state that the sociality and trust of the nodes, which can act both as sources and as relays, play an important role.

Of these survey articles, only five deal with authentication schemes for mobile devices, and none of them thoroughly considers the authentication schemes that have been proposed for mobile devices. To the best of our knowledge, this work is the first that thoroughly covers threat models, countermeasures, security analysis techniques, security systems, and authentication schemes that were recently proposed by the research community.

Threat model / Scheme / Approach used to detect and avoid the attack

DoS attack
  [24] User and the foreign server are involved in each run of the protocol, and the home server can be off-line
  [25] Key-hash based fingerprint remote authentication scheme
  [26] One-way hash function
  [27] Fingerprint biometric
Adaptively chosen message attack
  [28] Certificateless signature
Deposit-key attack
  [24] The verification key of foreign servers
Impostor attack
  [29] Diffie-Hellman key exchange with a co-location verification stage
Man-in-the-middle attack
  [29] Diffie-Hellman key exchange with a co-location verification stage
  [30] Asymmetric encryption function
  [25] Key-hash based fingerprint remote authentication scheme
  [31] Bilinear pairing and elliptic curve cryptography
  [13] Biometric fingerprint and ECC public key cryptography
  [32] Symmetric encryption and message authentication code
Parallel session attack
  [27] Chaotic hash
  [25] Key-hash based fingerprint remote authentication scheme
  [33] [25] [34] Mutual authentication between user and remote system using random values
  [26] Mutual authentication
Offline dictionary attack
  [35] Password salting mechanism
Tracing attack
  [36] Random numbers in commitments and proofs
Reflection attack
  [27] Chaotic hash
  [25] Key-hash based fingerprint remote authentication scheme
Forgery attack
  [27] Chaotic hash
  [31] [37] Pairing and elliptic curve cryptography
Impersonation attack
  [27] Chaotic hash
  [26] Hashing functions
  [12] [38] Elliptic curve cryptosystem
  [35] Self-certified public keys
Spoofing attack
  [27] Mutual authentication between user and remote system
  [25] Key-hash based fingerprint remote authentication scheme
  [39] [35] Mutual authentication
  [40] Pattern recognition approaches
Replay attack
  [30] Signatures during the authentication phase
  [26] [35] Using different nonce variables in each login
  [12] [38] [41] [34] [13] [24] Timestamps
  [31] [37] Timestamp + a randomly chosen secret key
  [25] Random nonce and three-way challenge-response handshake technique
Eavesdropping attack
  [30] One-way hash function
  [37] Encryption with pairwise master key
Biometric template attack
  [13] Maximizing the randomness of a template
Outsider attack
  [12] Elliptic curve cryptosystem
Trojan horse attack
  [13] Biometric and cryptography are seamlessly integrated
Brute force attack
  [13] Cryptographic hash function SHA-224
Side-channel attack
  [13] Elliptic curve cryptosystem + PKI
Malicious user attack
  [25] Key-hash based fingerprint remote authentication scheme
Known-key attack
  [25] Random nonce imparts a dynamic nature to the session key
Masquerade attack
  [33] Random values
  [39] Mutual authentication
Shoulder surfing and reflections
  [42] Sightless two-factor authentication
Stolen-verifier attack
  [38] [34] The trust of the server (key agreement)
  [25] Key-hash based fingerprint remote authentication scheme
  [26] The server does not store any password or verification table
Guessing attack
  [12] [38] [34] Elliptic curve cryptosystem
  [26] Hashing functions
ID attack
  [43] [44] [36] Bilinear pairings

TABLE II: Approaches for detecting and avoiding the attacks in smart mobile devices
Fig. 2: Classification of threat models in smart mobile devices

III Threat Models

In this section, we present and discuss the threat models that are considered by the authentication protocols for smart mobile devices. A summary of 26 attacks is given in Table II; they are classified into the following five main categories: identity-based attacks, eavesdropping-based attacks, combined eavesdropping and identity-based attacks, manipulation-based attacks, and service-based attacks, as presented in Figure 2.

III-A Identity-based attacks

The attacks under this category forge identities to masquerade as authorized users, in order to get access to the system. We classify 6 attacks, namely: Deposit-key attack, Impostor attack, Impersonation attack, Spoofing attack, Masquerade attack, and Replay attack.

  • Deposit-key attack: It involves three parties: a roaming user, the user's home server, and the foreign server the roaming user is visiting. Under this attack, a malicious server makes the visiting foreign server believe that it is the user's home server. The roaming user deposits information at the visiting foreign server, which is then also accessible to the fake home server (i.e., the malicious server). In [24], this attack is detected by verifying the key of the foreign server, so that the user can tell whether the foreign server has been led to accept the malicious server as the user's home server.

  • Impostor attack: An adversary disables one of the co-located devices and attempts to impersonate it. To thwart this attack, the Diffie-Hellman key exchange is extended with a co-location verification stage to ensure that the pairing takes place between two co-located devices [29].

  • Impersonation attack: An adversary tries to masquerade as a legitimate user in order to log into the server. As presented in Table II, there are eight authentication protocols [27, 30, 12, 38, 43, 41, 26, 35] that are resilient against this attack, and they use different ideas. The idea of a chaotic hash-based fingerprint biometric is used in [27]. The idea of an asymmetric encryption function is used by [30]. The idea of an elliptic curve cryptosystem is used in protocols [12, 38]. In addition, [43] uses bilinear pairings, and [41] is based on an initial random seed number that is generated by the authorization authority. [26] and [35] adopt techniques based on hashing functions and self-certified public keys, respectively.

  • Spoofing attack: An adversary masquerades as a legal server to cheat a remote user. As shown in Table II, there are 5 authentication protocols [27, 39, 35, 25, 40], which are proposed to prevent and detect this attack. The idea of mutual authentication is used in protocols [27, 39, 35]. [25] is based on Key-hash based fingerprint remote authentication scheme. Besides, the pattern recognition approaches are adopted in [40].

  • Masquerade attack: An adversary may try to masquerade as a legitimate user to communicate with the valid system or with another legitimate user. [33] uses the idea of random values. An adversary cannot fabricate a fake authentication request message because it does not know the random value of the legitimate user, and hence cannot masquerade as that user. On the other hand, the idea of mutual authentication is used in [39].

  • Replay attack: An adversary eavesdrops on a valid authentication exchange, captures the messages, and later re-sends them unmodified to the same destination in the hope that they will be accepted again as a fresh login. As shown in Table II, there are 13 authentication protocols [30, 12, 38, 41, 34, 13, 24, 26, 35, 31, 37, 33, 25] that deal with this attack. The idea of using signatures during the authentication phase is proposed in [30]. The idea of using different nonce values in each login is adopted by the protocols in [26, 35]. The protocols in [12, 38, 41, 34, 13, 24] use the idea of timestamps, which is combined with a randomly chosen secret key in protocols [31, 37]. On the other hand, [33] proposes a one-way hash function combined with random values, and [25] proposes a random nonce and a three-way challenge-response handshake technique.

III-B Eavesdropping-based attacks

This category of attacks is based on eavesdropping the communication channel between the user and the server in order to get some secret information and compromise the confidentiality of the system. We can list the following attacks under this category:

  • Eavesdropping attack: An attacker secretly overhears information transmitted over the communication channel that it is not authorized to know. The protocol in [30] deals with this attack by using a one-way hash function. On the other hand, the protocol in [37] uses encryption with a pairwise master key.

  • Adaptively chosen message attack: This attack targets signature schemes. The adversary may obtain valid signatures on messages of its choice, each chosen after seeing the signatures on the previous ones, and then tries to forge a valid signature on a new message. In the identity-based setting, the adversary may additionally query the private key generator (PKG) for the private keys of identities other than the target. The protocol in [28] resists this attack by using a certificateless signature.

  • Tracing attack: An adversary aims to collect enough private information to link data to a particular real identity. To resist this attack, [36] uses random numbers in commitments and proofs.

  • Offline dictionary attack: An attacker collects useful information from the insecure channel or from a lost smart card, stores it locally, and then tests candidate passwords against it to verify the correctness of each guess. To thwart this attack, [35] employs a password salting mechanism.

  • Outsider attack: An adversary uses the messages it overhears between user and server in order to compute the secret key of the server. This attack is prevented in [12] by using the elliptic curve cryptosystem.

  • Brute force attack: It consists of generating a large number of consecutive guessed passwords, with the hope of eventually guessing correctly. In [13], the resilience against this attack is strengthened by employing the cryptographic hash function SHA-224.

  • Side-channel attack: It is based on information gained from the physical implementation of the cryptosystem. Electronic devices leak information about their internal operations through timing, power consumption and electromagnetic emanations, which an attacker can measure in order to extract cryptographic material. To resist this attack, [13] proposes deploying an elliptic curve cryptosystem together with a Public Key Infrastructure (PKI).

  • Known-key attack: It consists of compromising past session keys in order to derive further session keys. In [25], the values that are used to compute the session keys are never available in plaintext. In addition, a random nonce gives the session key a dynamic nature, so the attacker cannot predict the random nonce of a future session key.

  • Shoulder surfing and reflections: This is a social engineering technique used to obtain information such as passwords and other confidential data by looking over the victim's shoulder, or by observing reflections of the screen. To prevent this attack, [42] uses the idea of sightless two-factor authentication.

  • Reflection attack: It applies to authentication schemes that adopt a challenge-response technique for mutual authentication. Under this attack, a victim is tricked into providing the response to its own challenge, typically by an attacker who opens a second session and reflects the challenge back. To deal with this attack, [27] proposes the chaotic hash-based fingerprint biometric remote user authentication scheme, and [25] proposes the key-hash based fingerprint remote authentication scheme.

  • Guessing attack: This attack is possible when an adversary obtains a copy of the hashed or encrypted password from the communication channel or from the smart card. The adversary then tests thousands of candidate passwords per second against the captured value until a guess matches. To deal with this attack, protocols [12, 38, 34] use the elliptic curve cryptosystem, while [26] relies on hashing functions.

  • ID attack: An adversary sends some identities to obtain the private key of the corresponding identity. The security against this attack is ensured in [43, 44, 36] by using the idea of bilinear pairings.
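The offline dictionary and guessing attacks above both rely on the attacker being able to test candidate passwords against a captured verifier without talking to the server. The following is an added example (not code from any of the surveyed schemes) that contrasts an unsalted verifier table, where one precomputed dictionary cracks every user at once, with the per-user salted and iterated verifier that the salting countermeasure of [35] points at. The users, passwords, dictionary and iteration count are constructed for the demonstration; PBKDF2-HMAC-SHA256 is used here as a representative iterated hash, not as the function used by any cited scheme.

```python
"""Offline dictionary attack against stored password verifiers.

Added example, constructed for this discussion: the weak scheme stores
SHA-256(password); the hardened scheme stores PBKDF2(password, per-user salt).
All users, passwords and the dictionary below are made up.
"""
import hashlib
import os
import secrets

# Constructed sample data: a small attacker dictionary and three users, two of
# whom chose a password that is in it.
DICTIONARY = ["123456", "password", "qwerty", "letmein", "iloveyou", "dragon"]
USERS = {"alice": "letmein", "bob": "dragon", "carol": "T9!vR#2kQp"}
ITERATIONS = 20_000  # kept low so the demo is fast; real deployments use far more


def unsalted_verifier(password: str) -> str:
    # Weak scheme: identical output for every user with the same password,
    # so the attacker hashes the dictionary once and reuses it for all users.
    return hashlib.sha256(password.encode()).hexdigest()


def salted_verifier(password: str, salt: bytes) -> bytes:
    # Hardened scheme: a random per-user salt plus an iterated key derivation.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_unsalted_table(users):
    return {u: unsalted_verifier(p) for u, p in users.items()}


def make_salted_table(users):
    table = {}
    for u, p in users.items():
        salt = os.urandom(16)
        table[u] = (salt, salted_verifier(p, salt))
    return table


def attack_unsalted(table, dictionary):
    """Precompute the dictionary once, then look up every stolen verifier.
    Returns (cracked users, number of hash evaluations performed)."""
    lookup = {unsalted_verifier(w): w for w in dictionary}
    cracked = {u: lookup[v] for u, v in table.items() if v in lookup}
    return cracked, len(dictionary)


def attack_salted(table, dictionary):
    """With salts, every (user, candidate) pair costs one full KDF run.
    Returns (cracked users, number of KDF evaluations performed)."""
    cracked, work = {}, 0
    for u, (salt, verifier) in table.items():
        for w in dictionary:
            work += 1
            if secrets.compare_digest(salted_verifier(w, salt), verifier):
                cracked[u] = w
                break
    return cracked, work


def verify_login(table, user: str, password: str) -> bool:
    # The server checks a login exactly the way the attacker tests a guess,
    # which is why the per-guess cost must be high and the password strong.
    salt, verifier = table[user]
    return secrets.compare_digest(salted_verifier(password, salt), verifier)


if __name__ == "__main__":
    print("unsalted:", attack_unsalted(make_unsalted_table(USERS), DICTIONARY))
    print("salted:  ", attack_salted(make_salted_table(USERS), DICTIONARY))
```

Both runs still recover the two dictionary passwords: salting and iteration raise the attacker's cost per user (here 16 KDF runs instead of 6 plain hashes for the whole table, and the gap grows linearly with the number of users and the dictionary size), but they do not rescue a password that is in the dictionary. A stolen verifier of this kind cannot be submitted directly as a credential, which is the separate stolen-verifier concern discussed in Section III-C.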

III-C Combined eavesdropping and identity-based attacks

This category of attacks combine the eavesdropping and identity-based techniques to compromise the system. Under this category, we can find the following attacks:

  • Malicious user attack: An attacker who extracts the credentials stored in a smart card can easily derive the secret information of the system. The attacker then masquerades as a legitimate user and accesses the system.

  • Parallel session attack: This attack takes place under the assumption that multiple concurrent sessions are allowed between two communicating parties. An attacker who eavesdrops on an insecure channel and captures the login authentication message from the user and the corresponding authentication message from the server can open a second session and use the captured values to construct a new login message that the server accepts, thereby masquerading as the user.

  • Stolen-verifier attack: The attacker steals the verification data from the server of a current or past successful authentication sessions. Then, it uses the stolen data to generate authentication messages and send them to the server. If the server accepts the authentication messages, the adversary masquerades as a legitimate user.
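The replay attack (Section III-A), the reflection attack (Section III-B) and the parallel session attack above all exploit a challenge-response exchange whose responses are not bound tightly enough to one session and one direction. The following added example (written for this discussion; it is not the protocol of any surveyed paper) shows a two-nonce mutual challenge-response handshake over a pre-shared key, in the spirit of the random-nonce and three-way handshake countermeasures listed in Table II, and then runs a replay and a reflected parallel session against it. The message layout, the role tags, the identities and the in-memory challenge store are all assumptions of the example.

```python
"""Mutual challenge-response authentication hardened against replay,
reflection and parallel-session attacks.  Added example, not a surveyed scheme.

Exchange (K is the pre-shared key of user C with server S):
  1. C -> S : C, N_c
  2. S -> C : N_s, MAC_K("server-response", C, S, N_c, N_s)
  3. C -> S : MAC_K("client-response", C, S, N_c, N_s)
  session key = MAC_K("session-key", N_c, N_s)
Each server challenge N_s can be consumed only once, and each MAC carries a
role tag plus both identities and both nonces, so a captured or reflected
message never matches what the server expects in another session.
"""
import hashlib
import hmac
import secrets


def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix each field so that the concatenation is unambiguous.
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big"))
        h.update(p)
    return h.digest()


class Server:
    def __init__(self, server_id: bytes, keys: dict):
        self.id = server_id
        self.keys = keys          # user id -> pre-shared key (assumed provisioned)
        self.pending = {}         # N_s -> (user, N_c); a challenge is used once
        self.sessions = {}        # N_s -> derived session key

    def challenge(self, user: bytes, n_c: bytes):
        """Message 2: a fresh server nonce and a MAC proving knowledge of K."""
        n_s = secrets.token_bytes(16)
        self.pending[n_s] = (user, n_c)
        tag = mac(self.keys[user], b"server-response", user, self.id, n_c, n_s)
        return n_s, tag

    def finish(self, n_s: bytes, tag: bytes):
        """Message 3 check; returns the session key or None on rejection."""
        if n_s not in self.pending:
            return None                       # unknown or already consumed
        user, n_c = self.pending.pop(n_s)     # consume: a replay finds nothing
        expected = mac(self.keys[user], b"client-response", user, self.id, n_c, n_s)
        if not hmac.compare_digest(expected, tag):
            return None                       # wrong role/identities/nonces
        sk = mac(self.keys[user], b"session-key", n_c, n_s)
        self.sessions[n_s] = sk
        return sk


class Client:
    def __init__(self, user: bytes, key: bytes, server_id: bytes):
        self.id, self.key, self.server_id = user, key, server_id

    def login(self, server: Server):
        n_c = secrets.token_bytes(16)
        n_s, tag = server.challenge(self.id, n_c)
        expected = mac(self.key, b"server-response", self.id, self.server_id, n_c, n_s)
        if not hmac.compare_digest(expected, tag):
            return None, None                 # the server failed to authenticate
        resp = mac(self.key, b"client-response", self.id, self.server_id, n_c, n_s)
        sk = server.finish(n_s, resp)
        return sk, (n_s, resp)                # second item: what an eavesdropper sees


def replay_attack(server: Server, captured):
    """Re-send a captured message 3; its challenge has already been consumed."""
    n_s, resp = captured
    return server.finish(n_s, resp)


def reflection_attack(server: Server, user: bytes):
    """Parallel session: reflect the server's own challenge N_s1 back as N_c in
    a second session and feed the server's MAC from that session into the first.
    This succeeds against a scheme whose response is a bare MAC_K(nonce)."""
    n_s1, _ = server.challenge(user, secrets.token_bytes(16))
    n_s2, tag2 = server.challenge(user, n_s1)
    return server.finish(n_s1, tag2)


def demo() -> dict:
    sid, k = b"server", secrets.token_bytes(32)
    server = Server(sid, {b"alice": k})
    alice = Client(b"alice", k, sid)
    sk1, captured = alice.login(server)
    sk2, _ = alice.login(server)
    return {
        "login_ok": sk1 is not None,
        "fresh_session_keys": sk1 != sk2,     # known-key attack gains nothing
        "replay_rejected": replay_attack(server, captured) is None,
        "reflection_rejected": reflection_attack(server, b"alice") is None,
    }


if __name__ == "__main__":
    print(demo())
```

Two practical caveats: the `pending` store must expire unanswered challenges, or an attacker can exhaust server memory by opening sessions and never completing them (the flooding form of the DoS attack in Section III-E); and because the session key is derived from both fresh nonces under K, compromise of one session key does not help against the next one, but compromise of K itself still does, which is what the known-key discussion in Section III-B assumes away.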

III-D Manipulation-based attacks

A data manipulation attack typically involves an unauthorized party accessing and changing sensitive data, rather than simply stealing it or encrypting it and holding it for ransom. In the authentication setting, the manipulated data may be the messages in transit, the authentication software on the device, or the stored verification data.

  • Man-in-the-middle (MITM) attack: An attacker who spoofs the identities of two parties can secretly relay and even modify the communication between them; the parties believe they are communicating directly, but in fact the whole conversation is under the control of the attacker. [25] proposes the key-hash based fingerprint remote authentication scheme to secure the system against this attack. In [29], Diffie-Hellman key exchange with a co-location verification stage is proposed. [31] combines bilinear pairing and elliptic curve cryptography. On the other hand, [13] combines a biometric fingerprint with ECC public key cryptography, whereas symmetric encryption and a message authentication code are used in [32]. A multi-factor authentication scheme is adopted in [45].

  • Forgery attack: The adversary forges valid-looking authentication messages that satisfy the checks of the authentication scheme. To resist this attack, [27] proposes the chaotic hash-based fingerprint biometric remote user authentication scheme. On the other hand, [31, 37] use the idea of pairing and elliptic curve cryptography.

  • Trojan horse attack: It uses a Trojan horse program to compromise the authentication system. In order to prevent the Trojan horse program from tampering with the biometric authentication module, [13] seamlessly integrates biometrics and cryptography.

  • Biometric template attack: An adversary attacks the biometric template in the database to add, modify, and delete templates in order to gain illegitimate access to the system. To increase the security strength of the biometric template, [13] maximizes its randomness.

III-E Service-based attacks

The goal of service-based, or Denial of Service (DoS), attacks is to make the authentication service unavailable, either (1) by flooding the authentication server with a huge amount of data so that it is too busy to serve legitimate users, or (2) by overwriting the verification information of a legitimate user with false data, after which the legitimate user is unable to log into the server. As depicted in Table II, there are four authentication protocols [27, 24, 26, 25] that prevent or detect DoS attacks. In [27], the user has to authenticate using a biometric fingerprint; if the mobile device is stolen or lost, illegitimate users cannot set a new password, and hence [27] is resistant to the second form of denial of service. As for the protocol in [24], only the user and the foreign server need to be involved in each run of the protocol, and the home server can be off-line; consequently, a DoS attack on home servers is not possible. On the other hand, [26] uses the idea of a one-way hash function, and [25] proposes a key-hash based fingerprint remote authentication scheme.

Countermeasure Scheme
Personal Identification Number (PIN) [46] [47] [48] [45]
Ear Shape [49]
Electrocardiogram [50] [51]
Capacitive touchscreen [52]
Behaviour profiling [53]
Linguistic profiling [53]
Gait recognition [54]
Rhythm [55] [56]
Touch dynamics [57] [42]
Multi-touch interfaces [58] [59]
Probabilistic polynomial time algorithms [24]
Initial random seed number [41]
A unique international mobile equipment identification number [41]
Encryption with pairwise master key [37]
Identity-based elliptic curve algorithm [37]
Tag number [30]
Keystroke analysis [46] [47] [60] [61] [48] [62] [53] [63]
Diffie-Hellman key exchange [29]
Classification algorithms [47] [64] [39] [65] [66]
Chaotic hash [27]
Fingerprint [27] [13] [26] [25] [67]
Teeth image [64]
Voice recognition [64] [48] [45]
HMM biosensor scheduling [68]
Asymmetric encryption function [30]
Symmetric encryption function [30] [39] [41] [32]
Hash function [30] [27] [31] [33] [44] [39] [41] [34] [13] [69] [35] [25] [70] [71] [72]
Elliptic curve cryptosystem [12] [38] [31] [34] [13] [71] [72]
Bilinear pairings [43] [31] [44] [69] [35] [36] [70]
Password [33] [39] [61] [32] [45]
Schnorr’s signature scheme [69]
Self-certified public keys [35]
Graphical password [73]
Message authentication code [32]
Channel characteristics [74]
Face recognition [75] [45] [66]
Iris recognition [75] [40]
Certificateless signature [28]
Homomorphic encryption [36] [76]
Order preserving encryption [76]
Gaze gestures [77]
Arm gesture [49]
Signature recognition [78]
TABLE III: Countermeasures used by the authentication schemes for smart mobile devices
Ref. | Time | Tool | Authentication model | Main results
[47] | 2007 | Pattern recognition approaches | User authentication | Evaluating the feasibility of utilizing keystroke information in classifying users
[64] | 2008 | Pattern recognition approaches | User authentication | Evaluating the feasibility of utilizing teeth image and voice together
[43] | 2009 | Random oracle model; computational assumptions | Mutual authentication | Shows that the proposed protocol is secure against ID attack
[31] | 2009 | Computational assumptions | Hand-off authentication; anonymous authentication | Shows that the proposed scheme can protect identity privacy
[44] | 2010 | Random oracle model; computational assumptions | Mutual authentication | Shows that an adversary cannot learn previous session keys
[57] | 2012 | Pattern recognition approaches | User authentication | Evaluating the feasibility of touch dynamics
[58] | 2012 | Pattern recognition approaches | User authentication | Shows that multi-touch gestures hold great promise as an authentication mechanism
[59] | 2012 | Pattern recognition approaches | Continuous mobile authentication | Evaluating the applicability of multi-touch gesture inputs for implicit and continuous user identification
[69] | 2012 | Computational assumptions | Mutual authentication with key agreement | Constructs an algorithm that solves the CDH problem or the k-CAA problem (security reduction)
[65] | 2013 | Pattern recognition approaches | Continuous authentication | Feasibility of continuous touch-based authentication
[32] | 2013 | Formal proof; random oracle model | Transitive authentication | Security reduces to solving the CDH problem
[28] | 2014 | Game theory | Anonymous authentication | Proves that the scheme achieves anonymity, unlinkability, immunity to key escrow, and mutual authentication
[40] | 2016 | Pattern recognition approaches | Multimodal authentication | Shows that the sensor pattern noise-based technique can be reliably applied on smartphones
[37] | 2017 | Pattern recognition approaches | Active authentication | Shows the performance of each individual classifier and its contribution to the fused global decision
TABLE IV: Security analysis techniques used by the authentication schemes for smart mobile devices
Fig. 3: Categorization of countermeasures used by the authentication schemes for smart mobile devices
Fig. 4: Personal identification-based countermeasures used by the authentication schemes for smart mobile devices
Fig. 5: Categorization of security analysis techniques used by the authentication schemes for smart mobile devices

IV Countermeasures and security analysis techniques

A secure and efficient authentication scheme is needed to prevent various insider and outsider attacks on the many different kinds of smart mobile device. Authentication schemes use both cryptographic and non-cryptographic countermeasures to perform user authentication whenever a user accesses the device. In this section, we discuss the countermeasures and security analysis techniques used by authentication schemes for smart mobile devices.

IV-A Countermeasures

The countermeasures used by the authentication schemes for smart mobile devices can be classified into four categories, including, cryptographic functions, personal identification, classification algorithms, and channel characteristics, as presented in Figure 3. Table III presents the countermeasures used in authentication schemes for smart mobile devices.

IV-A1 Cryptographic functions

Cryptographic functions are used in most authentication schemes for smart mobile devices to achieve the security goals; they fall into three categories: asymmetric encryption functions, symmetric encryption functions, and hash functions. As Table III shows, hash functions appear in almost every scheme, where they serve specifically to preserve data integrity; apart from them, the two most used cryptographic building blocks are 1) bilinear pairings and 2) the elliptic curve cryptosystem (ECC). The authentication schemes [12], [38], [31], [34], [13], [71], [72] use the elliptic curve cryptosystem [79] to reduce the computation load on mobile devices, although it still has disadvantages, such as the need for a key authentication center to maintain the certificates for users' public keys. Using ECC, the scheme [12] provides mutual authentication and supports session key agreement between the user and the server. The scheme [31] employs ECC and pairings to derive authentication parameters and authorization keys for multiple requests in mobile pay-TV systems. The scheme [34] uses ECC with a three-way challenge-response handshake to provide session key agreement and the capability to revoke leaked keys. In the rest of this subsection, we briefly introduce bilinear pairings and the elliptic curve cryptosystem.

Bilinear pairings

Let and be multiplicative groups of the same prime order . Let denote a random generator of and denote a bilinear map constructed from the modified Weil or Tate pairing, with the following properties:

  • Bilinear: and . In particular, .

  • Non-degenerate: such that .

  • Computable: there exists an efficient algorithm to compute , .

Elliptic curve cryptosystem

As discussed by Guo et al. [36], the bilinear pairing operations are performed on elliptic curves. An elliptic curve is a cubic equation of the form , where , , , , and are real numbers. In an elliptic curve cryptosystem (ECC) [79], the elliptic curve equation is defined as the form of over a prime finite field F, where , , and . Given an integer and a point , the point multiplication over can be defined as . Generally, the security of ECC relies on the difficulties of the following problems [12]:

Definition 1. Given two points and over , the elliptic curve discrete logarithm problem (ECDLP) is to find an integer such that .

Definition 2. Given three points , , and over for , the computational Diffie-Hellman problem (CDHP) is to find the point over .

Definition 3. Given two points and over for , the elliptic curve factorization problem (ECFP) is to find two points and over .
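As an added example (not from the paper or from any of the surveyed schemes), the following Python code implements the point addition and double-and-add point multiplication that the definitions above rely on, over a deliberately tiny curve y^2 = x^3 + 2x + 3 (mod 97) chosen here for illustration. On such a curve the ECDLP of Definition 1 can be solved by exhaustive search, which shows concretely why the hardness of Definitions 1 and 2 depends on the group order being around 2^256 in practice; the curve parameters, the base point (3, 6) and the private scalars are all constructed for this example.

```python
"""Toy elliptic-curve arithmetic over a prime field (illustration only).

The curve y^2 = x^3 + a*x + b (mod p) with p = 97 is far too small for any
real use; standardised curves such as NIST P-256 or Curve25519 have a group
order near 2^256, which is what makes the ECDLP below infeasible in practice.
"""
from dataclasses import dataclass
from typing import Optional, Tuple

Point = Optional[Tuple[int, int]]  # None represents the point at infinity O


@dataclass(frozen=True)
class Curve:
    p: int  # prime field modulus
    a: int
    b: int

    def contains(self, P: Point) -> bool:
        """Check that P satisfies the curve equation (O is always on the curve)."""
        if P is None:
            return True
        x, y = P
        return (y * y - (x * x * x + self.a * x + self.b)) % self.p == 0

    def add(self, P: Point, Q: Point) -> Point:
        """Group law: chord-and-tangent addition using modular inverses."""
        if P is None:
            return Q
        if Q is None:
            return P
        x1, y1 = P
        x2, y2 = Q
        if x1 == x2 and (y1 + y2) % self.p == 0:
            return None  # P + (-P) = O; also covers doubling a point with y = 0
        if P == Q:
            lam = (3 * x1 * x1 + self.a) * pow((2 * y1) % self.p, -1, self.p)
        else:
            lam = (y2 - y1) * pow((x2 - x1) % self.p, -1, self.p)
        lam %= self.p
        x3 = (lam * lam - x1 - x2) % self.p
        y3 = (lam * (x1 - x3) - y1) % self.p
        return (x3, y3)

    def mul(self, k: int, P: Point) -> Point:
        """Scalar multiplication kP by double-and-add (O(log k) group operations)."""
        if k < 0:
            raise ValueError("scalar must be non-negative")
        R: Point = None
        Q = P
        while k:
            if k & 1:
                R = self.add(R, Q)
            Q = self.add(Q, Q)
            k >>= 1
        return R

    def order(self, P: Point) -> int:
        """Smallest n >= 1 with nP = O, found by repeated addition (toy sizes only)."""
        n, Q = 1, P
        while Q is not None:
            Q = self.add(Q, P)
            n += 1
        return n


def ecdlp_bruteforce(curve: Curve, P: Point, Q: Point) -> int:
    """Solve Q = kP for k by exhaustive search over the subgroup generated by P.

    The running time is linear in the order of P, which is exactly why the
    ECDLP (Definition 1) is only hard on cryptographically sized curves.
    """
    R: Point = None
    for k in range(curve.order(P)):
        if R == Q:
            return k
        R = curve.add(R, P)
    raise ValueError("Q is not in the subgroup generated by P")


def ecdh_shared_points(curve: Curve, G: Point, d_a: int, d_b: int) -> Tuple[Point, Point]:
    """Both sides of an ECDH exchange: d_a*(d_b*G) must equal d_b*(d_a*G).

    Recovering that point from G, d_a*G and d_b*G alone is the computational
    Diffie-Hellman problem of Definition 2.
    """
    A = curve.mul(d_a, G)  # Alice's public point
    B = curve.mul(d_b, G)  # Bob's public point
    return curve.mul(d_a, B), curve.mul(d_b, A)


# Constructed toy parameters: (3, 6) lies on y^2 = x^3 + 2x + 3 (mod 97)
TOY_CURVE = Curve(p=97, a=2, b=3)
TOY_G: Point = (3, 6)

if __name__ == "__main__":
    n = TOY_CURVE.order(TOY_G)
    k = 13 % n
    Q = TOY_CURVE.mul(k, TOY_G)
    print("order of G:", n, "recovered k:", ecdlp_bruteforce(TOY_CURVE, TOY_G, Q))
    print("ECDH agrees:", ecdh_shared_points(TOY_CURVE, TOY_G, 7, 11))
```

The brute-force solver visits every multiple of the base point; replacing p = 97 by a 256-bit prime turns that loop into roughly 2^256 group operations, which is the gap between this toy and the schemes cited above.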

IV-A2 Personal identification

As shown in Figure 4, the personal identification can be classified into two types of categories, including:

Numbers-based countermeasures

(e.g., Personal Identification Number (PIN), International Mobile Equipment Identity (IMEI), and password). Using inter-keystroke latency, Clarke and Furnell's scheme [46] classifies users by the way they enter telephone numbers and PINs, authenticating them in three interaction scenarios: 1) entry of 11-digit telephone numbers, 2) entry of 4-digit PINs, and 3) entry of text messages. Similarly, Clarke and Furnell's framework [47] collects the following input data types: 1) telephone numbers, 2) telephone area codes (5 digits), 3) text messages, and 4) 4-digit PIN codes. According to Wiedenbeck et al. [80], numbers-based countermeasures should be easy to remember; they should look random and be hard to guess; they should be changed frequently and differ between a user's accounts; and they should not be written down or stored in plain text. Even when these rules are followed, numbers-based countermeasures remain vulnerable to attacks such as shoulder surfing.

Biometrics-based countermeasures

are any human physiological (e.g., face, eyes, fingerprint, palm, or ECG) or behavioral (e.g., signature, voice, gait, or keystroke) patterns. Because PIN codes impede convenience and ease of access, biometrics-based countermeasures are more popular today than numbers-based ones. Some recent smart mobile devices (e.g., iPhone 5S and later, Samsung Galaxy S5 and later) integrate capacitive fingerprint scanners into the enclosure. As shown in Figure 4, we found 12 types of biometrics used as an authentication countermeasure. Khamis et al. [77] used gaze gestures for shoulder-surfing resistant user authentication on smart mobile devices. Arteaga-Falconi et al. [50] and Kang et al. [51] used the electrocardiogram for biometric authentication based on cross-correlation of the extracted templates. Jeong et al. [45] recognized the user's voice through the microphone for user authentication in a mobile cloud service architecture. From images captured by the front-facing camera of smart mobile devices, Mahbub et al. [66] used face recognition for continuous authentication. Based on how certain actions are performed on the touch screen, Shahzad et al. [78] proposed using gestures and signatures to authenticate users on touch screen devices. Using gait captured by inertial sensors, Hoang et al. [54] proposed gait recognition with a fuzzy commitment scheme for authentication. Based on the manner and rhythm in which users interact with a keyboard or keypad when typing characters, Kambourakis et al. [63] introduced keystroke dynamics for user authentication on smart mobile devices. Galdi et al. [40] introduced an authentication scheme using iris recognition and demonstrated its applicability on smart mobile devices. Finally, based on the observation that the instinctive gesture of answering a phone call can be used to capture two different biometrics, Abate et al. [49] used ear shape and arm gesture for user authentication on smart mobile devices.

IV-B Security analysis techniques

To establish the security and feasibility of authentication schemes for smart mobile devices in practice, researchers use security analysis techniques [81], [Mo5], which can be categorized into five types, namely, computational assumptions, pattern recognition approaches, formal proof, random oracle model, and game theory, as shown in Figure 5. Authentication schemes for smart mobile devices and the security analysis techniques they use are summarized in Table IV. Note that pattern recognition approaches are used especially by biometric-based authentication schemes. More precisely, Clarke and Furnell [47] used pattern recognition approaches to evaluate the feasibility of using keystroke information to classify users. Kim and Hong [64] evaluated the feasibility of combining teeth image and voice in terms of the training time per model and the authentication time per image. Through Sensor Pattern Noise (SPN), Galdi et al. [40] showed that the sensor pattern noise-based technique can be reliably applied on smartphones. Wu and Tseng [43] used the random oracle model and computational assumptions to show that the proposed scheme is secure against ID attack and that an adversary cannot learn previous session keys. Finally, Liu et al. [28] used game theory to prove that their authentication scheme achieves anonymity, unlinkability, immunity to key escrow, and mutual authentication.

Fig. 6: Categorization of authentication schemes for smart mobile devices
Notation | Definition
TAR | True acceptance rate
FAR | False acceptance rate
FRR | False rejection rate
ROC | Receiver operating characteristic
TPR | True-positive rate
FPR | False-positive rate
FNR | False-negative rate
EER | Equal error rate
GAR | Genuine acceptance rate
(symbol missing) | Time of executing a bilinear pairing operation
(symbol missing) | Time of executing a multiplication operation of point
(symbol missing) | Time of executing a one-way hash function
(symbol missing) | Time of executing an addition operation of points
(symbol missing) | Time of executing an elliptic curve point addition
(symbol missing) | Time of executing an elliptic curve point multiplication
(symbol missing) | Time of executing a modular inversion operation
(symbol missing) | Computational cost of client and server (total)
(symbol missing) | Computational cost of subscription (total)
(symbol missing) | Time of encryption and decryption
TABLE V: Notations used in comparison of computational costs

V Authentication schemes for Smart Mobile Devices

Generally, the classification of authentication schemes frequently mentioned in the literature is done using the following three types, namely, Something-You-Know (can be shared and forgotten), Something-You-Have (can be shared and duplicated), and Someone-You-Are (not possible to share and repudiate), as discussed by Chen et al. in [55, 9]. In our work, according to the countermeasure characteristic used and the authentication model, we categorize the authentication schemes for smart mobile devices in four categories, namely, 1) Biometric-based authentication schemes, 2) Channel-based authentication schemes, 3) Factor-based authentication schemes, and 4) ID-based authentication schemes, as shown in Figure 6.

Fig. 7: Flowcharts depicting the process for (a) authentication using the biometrics-based countermeasures and (b) realization processes of an authentication scheme for smart mobile devices
Time | Scheme | Method | Goal | Mobile device | Performance (+) and limitation (-) | Comp. complexity (or reported accuracy)
2007 | Clarke and Furnell [46] | Keystroke analysis | Introducing the concept of advanced user authentication | Sony Ericsson T68; HP IPAQ H5550; Sony Clie PEG NZ90 | + Keystroke latency; - Process of continuous and non-intrusive authentication | Low
2007 | Clarke and Furnell [47] | Keystroke analysis | Enable continuous and transparent identity verification | Nokia 5110 | + GRNN has the largest spread of performances; - The threat model is not defined | High
2008 | Khan et al. [27] | Fingerprint | Introducing the concept of a chaotic hash-based fingerprint biometrics remote user authentication scheme | N/A | + Can prevent six attacks, namely, parallel session attack, reflection attack, forgery attack, impersonation attack, DoS attack, and server spoofing attack; - The proposed scheme is not tested on mobile devices | Low
2010 | Li and Hwang [33] | Smart card | Providing non-repudiation | N/A | + Can prevent three attacks, namely, masquerading attacks, replay attacks, and parallel session attacks; - Storage costs are not considered | (not given)
2011 | Xi et al. [13] | Fingerprint | Providing authentication using bio-cryptography | Mobile device with Java Platform | + Secures the genuine biometric feature; - Server-side attack is not considered | GAR=78.69% at FAR=0.1%
2012 | Chen et al. [26] | Fingerprint | Using only hash functions | N/A | + Solves the asynchronous problem; - Privacy preservation is not considered | (not given)
2013 | Frank et al. [65] | Touchscreen | Providing a behavioral biometric for continuous authentication | Google Nexus One | + Sufficient to authenticate a user; - Not applicable for long-term authentication | 11 to 12 strokes, EER=2%–3%
2014 | Khan et al. [25] | Fingerprint | Improve Chen et al.'s scheme and Truong et al.'s scheme | N/A | + Quick wrong password detection; - Location privacy is not considered | (not given)
2015 | Hoang et al. [54] | Gait recognition | Employing a fuzzy commitment scheme | Google Nexus One | + Efficient against brute force attacks; - Privacy model is not defined | Low
2016 | Arteaga-Falconi et al. [50] | Electrocardiogram | Introducing the concept of electrocardiogram-based authentication | AliveCor | + Conceals the biometric features during authentication; - Privacy model is not considered | TAR=81.82% and FAR=1.41%
2017 | Abate et al. [49] | Ear shape | Implicitly authenticate the person | Samsung Galaxy S4 smartphone | + Implicit authentication; - Process of continuous and non-intrusive authentication | EER=1%–1.13%
TABLE VI: Biometric-based authentication schemes for smart mobile devices

V-a Biometric-based authentication schemes

The surveyed papers of biometric-based authentication schemes for smart mobile devices are shown in Table VI. As shown in Figure 7, the realization processes of a biometric-based authentication scheme for smart mobile devices are based on the following processes:

  • Definition of authentication model (anonymous authentication, transitive authentication, active authentication, multimodal authentication, etc.)

  • Definition of attacks model (DoS attack, Deposit-key attack, impostor attack, MMITM attack, etc.)

  • Selection of countermeasures (cryptographic functions, personal identification, classification algorithms, channel characteristics, etc.)

  • Proposition of main phases of the scheme (biometric acquisition, feature extraction and matching, fusion rules, decision stage, etc.)

  • Security analysis techniques (computational assumptions, pattern recognition approaches, formal proof, random oracle model, game theory, etc.)

  • Performance evaluation (true acceptance rate, false acceptance rate, false rejection rate, equal error rate, etc.)
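Added example (not from the paper): the performance metrics of the last step, computed over constructed match scores. The functions below compute FAR and FRR at a threshold, sweep the ROC operating points, locate the EER, and report the GAR under a fixed FAR budget (the way Table VI reports Xi et al. [13] at FAR=0.1%). The score lists are made up for illustration, and the convention that a higher score means a better match is an assumption of this example.

```python
"""Biometric verification metrics (FAR, FRR, EER, GAR) on constructed scores.

Convention assumed here: a higher score means a better match, and an attempt is
accepted when score >= threshold. FAR/FPR count impostors accepted, FRR/FNR
count genuine users rejected, and TAR/GAR/TPR = 1 - FRR.
"""
from typing import List, Tuple


def far_frr(genuine: List[float], impostor: List[float], thr: float) -> Tuple[float, float]:
    """Return (FAR, FRR) for the decision rule `accept iff score >= thr`."""
    if not genuine or not impostor:
        raise ValueError("both score lists must be non-empty")
    far = sum(1 for s in impostor if s >= thr) / len(impostor)
    frr = sum(1 for s in genuine if s < thr) / len(genuine)
    return far, frr


def roc_points(genuine: List[float], impostor: List[float]) -> List[Tuple[float, float, float]]:
    """Sweep every distinct score as a threshold; each entry is (thr, FAR, FRR).

    Plotting TPR = 1 - FRR against FPR = FAR over these points gives the ROC curve.
    """
    thresholds = sorted(set(genuine) | set(impostor))
    return [(thr, *far_frr(genuine, impostor, thr)) for thr in thresholds]


def equal_error_rate(genuine: List[float], impostor: List[float]) -> Tuple[float, float, float]:
    """Operating point where FAR and FRR are closest; returns (thr, FAR, FRR).

    With finite data the two curves rarely cross exactly, so the EER is usually
    quoted as (FAR + FRR) / 2 at this threshold.
    """
    return min(roc_points(genuine, impostor), key=lambda pt: abs(pt[1] - pt[2]))


def gar_at_far(genuine: List[float], impostor: List[float], max_far: float) -> Tuple[float, float]:
    """Lowest threshold whose FAR does not exceed max_far, and the GAR (= 1 - FRR) there.

    This is how a deployment picks its operating point: fix the tolerable false
    acceptance rate first, then read off how many genuine users still get in.
    """
    for thr, far, frr in roc_points(genuine, impostor):
        if far <= max_far:
            return thr, 1.0 - frr
    raise ValueError("no tested threshold meets the FAR budget")


# Constructed match scores (not measurements from any surveyed scheme):
GENUINE_SCORES = [0.45, 0.50, 0.55, 0.60, 0.65, 0.70, 0.80, 0.90]
IMPOSTOR_SCORES = [0.10, 0.20, 0.20, 0.30, 0.35, 0.40, 0.50, 0.55, 0.60, 0.65]

if __name__ == "__main__":
    thr, far, frr = equal_error_rate(GENUINE_SCORES, IMPOSTOR_SCORES)
    print(f"EER ~ {(far + frr) / 2:.3f} at threshold {thr} (FAR={far:.2f}, FRR={frr:.3f})")
    print("threshold and GAR at FAR <= 10%:", gar_at_far(GENUINE_SCORES, IMPOSTOR_SCORES, 0.10))
```

Note that a single EER figure hides the shape of the trade-off: two schemes with the same EER can behave very differently at the low-FAR end where access-control deployments actually operate, which is why the GAR-at-fixed-FAR figure is the more useful comparison.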

Typing a text message as a biometric is called keystroke analysis, which can be either static or continuous. To authenticate users through keystroke analysis, Clarke and Furnell [46] introduced the concept of advanced user authentication, based on three interaction scenarios: 1) entry of 11-digit telephone numbers, 2) entry of 4-digit PINs, and 3) entry of text messages. The scheme [46] provides not only transparent authentication of the user and continuous or periodic authentication, but is also efficient in terms of false rejection rate and false acceptance rate on three types of mobile device, namely, the Sony Ericsson T68, the HP IPAQ H5550, and the Sony Clie PEG NZ90. To demonstrate the ability of neural network classifiers, the same authors in [47] proposed an authentication framework based on mobile handset keypads to support keystroke analysis. The three pattern recognition approaches used in this framework are 1) the feed-forward multi-layered perceptron network, 2) the radial basis function network, and 3) the generalised regression neural network. Maiorana et al. [60] showed that it is feasible to employ keystroke dynamics on mobile phones with a statistical classifier for keystroke recognition, so that it can serve as a password hardening mechanism. In addition, Tasia et al. [62] showed that the combination of time features and pressure features is the best one for authenticating users.
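To make the keystroke-analysis idea concrete, here is an added example (not code from Clarke and Furnell or any surveyed scheme) of static keystroke verification on a 4-digit PIN: enrollment samples of key-press timestamps are turned into inter-keystroke latency features, a per-user template of mean and spread is built, and a verification attempt is scored by its normalized distance from the template. The timestamps, the 10 ms spread floor and the acceptance threshold are constructed assumptions for illustration; a real system would also use key hold times and, on touchscreens, pressure, and would pick the threshold from the FAR/FRR trade-off rather than by hand.

```python
"""Static keystroke-dynamics verification on a fixed PIN (illustrative example).

Feature:  inter-keystroke latency, the delay between consecutive key presses.
Template: per-latency mean and standard deviation from enrollment samples.
Decision: mean absolute z-score of the attempt; accept below a threshold.
"""
from statistics import mean, pstdev
from typing import Dict, List, Sequence, Tuple

SIGMA_FLOOR_MS = 10.0   # assumed: keeps a very consistent enrollment from becoming brittle
ACCEPT_THRESHOLD = 1.5  # assumed: in a deployment this is tuned on FAR/FRR data


def latencies(press_times_ms: Sequence[float]) -> List[float]:
    """Inter-keystroke latencies from key-press timestamps (ms since the first press)."""
    if len(press_times_ms) < 2:
        raise ValueError("need at least two key presses")
    return [t2 - t1 for t1, t2 in zip(press_times_ms, press_times_ms[1:])]


def enroll(samples: Sequence[Sequence[float]]) -> Dict[str, List[float]]:
    """Build a template from several enrollment entries of the same PIN."""
    feats = [latencies(s) for s in samples]
    n = len(feats[0])
    if any(len(f) != n for f in feats):
        raise ValueError("all enrollment samples must have the same number of keys")
    mu = [mean(col) for col in zip(*feats)]
    sigma = [max(pstdev(col), SIGMA_FLOOR_MS) for col in zip(*feats)]
    return {"mu": mu, "sigma": sigma}


def score(template: Dict[str, List[float]], attempt: Sequence[float]) -> float:
    """Mean absolute z-score of the attempt's latencies against the template (lower is closer)."""
    feats = latencies(attempt)
    if len(feats) != len(template["mu"]):
        raise ValueError("attempt length does not match the enrolled PIN")
    return mean(abs(x - m) / s for x, m, s in zip(feats, template["mu"], template["sigma"]))


def verify(template: Dict[str, List[float]], attempt: Sequence[float],
           threshold: float = ACCEPT_THRESHOLD) -> Tuple[bool, float]:
    """Accept the attempt if its distance from the template is below the threshold."""
    d = score(template, attempt)
    return d < threshold, d


# Constructed enrollment data: four entries of a 4-digit PIN by the legitimate user
ENROLLMENT = [
    [0, 180, 350, 530],
    [0, 190, 360, 550],
    [0, 170, 340, 520],
    [0, 200, 380, 560],
]
GENUINE_ATTEMPT = [0, 185, 360, 545]   # same user, similar rhythm
IMPOSTOR_ATTEMPT = [0, 300, 450, 700]  # knows the PIN but types it with a different rhythm

if __name__ == "__main__":
    tpl = enroll(ENROLLMENT)
    print("genuine :", verify(tpl, GENUINE_ATTEMPT))
    print("impostor:", verify(tpl, IMPOSTOR_ATTEMPT))
```

The impostor here already knows the PIN; the point of the secondary factor is that the rhythm, not the digits, drives the rejection. The spread floor matters in practice: without it, a user who enrolls with four near-identical entries gets a template so tight that their own later attempts are rejected.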

Passwords have been widely used in remote authentication schemes, but they can easily be guessed, hacked, and cracked. To overcome the drawbacks of password-only remote authentication, Khan et al. [27] proposed a chaotic hash-based fingerprint biometrics remote user authentication scheme. Theoretically, the scheme [27] can prevent six attacks, namely, parallel session attack, reflection attack, forgery attack, impersonation attack, DoS attack, and server spoofing attack, but it is not tested on mobile devices and is vulnerable to biometric template attacks. To avoid the biometric template attack, Xi et al. [13] proposed transmitting a transformed version of the locally matched fuzzy vault index to the central server for biometric authentication using a public key infrastructure. Compared to [39], [27], and [13], Chen et al. [26] proposed a fingerprint biometric remote authentication scheme that uses only hash functions, to solve the asynchronous problem on mobile devices. In 2014, Khan et al. [25] improved Chen et al.'s scheme and Truong et al.'s scheme with quick wrong-password detection, but location privacy is not considered.

Biometric keys have several advantages, namely, 1) they cannot be lost or forgotten, 2) they are very difficult to copy or share, 3) they are extremely hard to forge or distribute, and 4) they cannot be guessed easily. In 2010, Li and Hwang [33] proposed a biometric-based remote user authentication scheme using smart cards in order to provide non-repudiation. Without storing password tables or identity tables in the system, Li and Hwang's scheme [33] can resist masquerading attacks, replay attacks, and parallel session attacks. The authors did not specify the application environment of their scheme, but it can be applied to smart mobile devices since the network model is not complicated. Note that Li and Hwang's scheme has been cryptanalyzed several times. The question we ask here: is it possible to use a graphical password as an implicit password authentication system to avoid screen-dump attacks? In 2013, Almuairfi et al. [73] introduced an image-based implicit password authentication system, named IPAS, which is based on creating a visualized image of a user's logged answers.

Touch dynamics for user authentication originated on desktop machines and in finger identification. In 2012, Meng et al. [57] focused on a user behavioral biometric, namely touch dynamics such as touch duration and touch direction. Specifically, they proposed an authentication scheme that uses touch dynamics on touchscreen mobile phones. To classify users, Meng et al.'s scheme uses known machine learning algorithms (e.g., Naive Bayes, decision tree) in an experiment with 20 users on Android touchscreen phones. Through simulations, the results show that Meng et al.'s scheme reduces the average error rate to 2.92% (FAR of 2.5% and FRR of 3.34%). The question we ask here: is it possible to use multi-touch as an authentication mechanism? In 2012, Sae-Bae et al. [58] introduced an authentication approach based on multi-touch gestures, implemented as an application on the iPad with iOS version 3.2. Compared with Meng et al.'s scheme [57], Sae-Bae et al.'s approach achieves 10% EER on average for single gestures and 5% EER on average for double gestures. Similar to Sae-Bae et al.'s approach [58], Feng et al. [59] designed a multi-touch gesture-based continuous authentication scheme, named FAST, that achieves FAR=4.66% and FRR=0.13% for continuous post-login user authentication. The FAST scheme can provide good post-login access security without disturbing honest mobile users, but its threat model is very limited and privacy preservation is not considered.

In 2016, Arteaga-Falconi et al. [50] introduced the concept of electrocardiogram-based authentication for mobile devices. Specifically, the authors considered five factors, namely, the number of electrodes, the quality of mobile ECG sensors, the time required to gain access to the phone, FAR, and TAR. Before the ECG authentication algorithm is applied, the preprocessing stage for the ECG signal performs fiducial point detection. The ECG authentication algorithm is based on two aspects: 1) the use of a feature-specific percentage of tolerance and 2) the adoption of a hierarchical validation scheme. The results reveal that the algorithm [50] has a 1.41% false acceptance rate and an 81.82% true acceptance rate with 4 s of signal acquisition. Note that ECG signals from mobile devices can be corrupted by noise caused by movement and by the signal acquisition type, as discussed by Kang et al. [51]. The advantage of ECG authentication is that it conceals the biometric features during authentication, but it is a serious problem if privacy preservation is not considered.

Time | Scheme | Method | Goal | Mobile device | Performance (+) and limitation (-) | Comp. complexity
2007 | Varshavsky et al. [29] | Physical proximity | Authenticate co-located devices | N/A | + Not vulnerable to eavesdropping; - The threat model is limited | High
2008 | Li et al. [30] | Electronic voting | Introducing the concept of deniable electronic voting authentication in MANETs | N/A | + Privacy requirement; - Many assumptions needed to understand implementation | Medium
2011 | He et al. [24] | Seamless roaming | Authenticate with privacy preservation | N/A | + Privacy requirement; - The threat model is limited | Medium
2013 | Chen et al. [32] | Tripartite authentication | Establish a conference key securely | Samsung Galaxy Nexus | + Transitive authentication; - Intrusion detection is not considered | Medium
2014 | Guo et al. [36] | Attribute-based authentication | Authenticate with privacy preservation | Nexus S | + Anonymity and untraceability; - Interest privacy is not considered | High
2015 | Seto et al. [56] | User-habit-oriented authentication | Integrate the habits with user authentication | Google Nexus 4 | + More usable for people who have better memory for rhythms than for geometric curves; - Privacy is not considered | High
2016 | Yang et al. [37] | Handover authentication | Provides user anonymity and untraceability | N/A | + Access grant and data integrity; - Many assumptions needed to understand implementation | Medium
2017 | Samangouei et al. [82] | Attribute-based authentication | Introducing the concept of facial attributes for active authentication | Google Nexus 5 | + Implemented with low memory usage; - Intrusion detection and encryption are not considered | Medium
TABLE VII: Channel-based authentication schemes for smart mobile devices

V-B Channel-based authentication schemes

The surveyed papers on channel-based authentication schemes for smart mobile devices are shown in Table VII. Exploiting the dynamic characteristics of the radio environment, Varshavsky et al. [29] showed that it is possible to securely pair devices using proximity-based authentication. Specifically, the authors proposed a technique, named Amigo, to authenticate co-located devices. The Amigo scheme uses knowledge of the devices' shared radio environment, which is specific to a particular location and time, as proof of physical proximity. Combining a Diffie-Hellman key exchange with verification of device co-location, the Amigo scheme requires no user involvement to verify the validity of the authentication and can detect and avoid eavesdropping attacks such as the impostor attack and the man-in-the-middle attack. By exploiting physical layer characteristics unique to a body area network, Shi et al. [74] proposed a lightweight body area network authentication scheme, named BANA. Based on distinct received signal strength variations, the BANA scheme adopts clustering analysis to differentiate the signals of an attacker from those of a legitimate node. The advantage of the BANA scheme is that it can accurately identify multiple attackers with minimal overhead.
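The Amigo idea described above, as an added example that is not the Amigo implementation from [29] or from any other surveyed scheme: two devices run a Diffie-Hellman exchange, then each authenticates its own observation of the shared radio environment under the derived key, and its peer accepts the key only if that observation agrees with what the peer itself saw. The RSSI traces, the correlation threshold, the use of a (far too small) Mersenne prime as the DH modulus and the HMAC-based proof format are all assumptions of this example; Amigo's actual signal features and classifier are not reproduced here. Plain Diffie-Hellman alone cannot tell a co-located peer from a man-in-the-middle, but a man-in-the-middle sits somewhere else, so the key it negotiates is bound to a radio environment the honest device does not see, which is the property the second scenario below exercises.

```python
"""Proximity-authenticated key agreement in the spirit of Amigo [29] (illustration only).

Step 1: plain Diffie-Hellman, which by itself cannot distinguish a co-located
        peer from a man-in-the-middle.
Step 2: each side sends an HMAC under the fresh key over its own RSSI observations
        of the shared radio environment; the peer verifies the MAC and checks that
        those observations correlate with its own before accepting the key.
"""
import hashlib
import hmac
import secrets
from math import sqrt
from typing import List, Tuple

# Assumed toy group: 2**127 - 1 is prime, but a real deployment needs a >= 2048-bit
# MODP group (RFC 3526) or an elliptic-curve group such as X25519.
DH_P = 2 ** 127 - 1
DH_G = 3
CORRELATION_THRESHOLD = 0.9  # assumed acceptance threshold on trace similarity


def pearson(xs: List[float], ys: List[float]) -> float:
    """Pearson correlation of two equal-length traces; 0.0 if either is constant."""
    if len(xs) != len(ys) or len(xs) < 2:
        raise ValueError("traces must have equal length >= 2")
    mx, my = sum(xs) / len(xs), sum(ys) / len(ys)
    cov = sum((x - mx) * (y - my) for x, y in zip(xs, ys))
    vx = sum((x - mx) ** 2 for x in xs)
    vy = sum((y - my) ** 2 for y in ys)
    if vx == 0 or vy == 0:
        return 0.0
    return cov / sqrt(vx * vy)


class Device:
    def __init__(self, name: str, rssi_trace: List[int]):
        self.name = name
        self.trace = rssi_trace  # RSSI (dBm) of nearby beacons over the pairing window
        self._priv = secrets.randbelow(DH_P - 2) + 1
        self.pub = pow(DH_G, self._priv, DH_P)
        self.key: bytes = b""

    def derive_key(self, peer_pub: int) -> None:
        """Finish the Diffie-Hellman exchange and hash the shared secret into a MAC key."""
        if not 1 < peer_pub < DH_P - 1:
            raise ValueError("rejecting degenerate public value")
        shared = pow(peer_pub, self._priv, DH_P)
        self.key = hashlib.sha256(shared.to_bytes(16, "big")).digest()

    def proximity_proof(self) -> Tuple[bytes, bytes]:
        """Send our radio observations, authenticated under the freshly agreed key."""
        payload = ",".join(str(v) for v in self.trace).encode()
        return payload, hmac.new(self.key, payload, hashlib.sha256).digest()

    def accept_peer(self, payload: bytes, tag: bytes) -> bool:
        """Accept the key only if the MAC verifies and the peer saw the same environment."""
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, tag):
            return False
        peer_trace = [int(v) for v in payload.decode().split(",")]
        return pearson(self.trace, peer_trace) >= CORRELATION_THRESHOLD


def pair(a: Device, b: Device) -> Tuple[bool, bool]:
    """Run both steps between a and b; returns (a accepts b, b accepts a)."""
    a.derive_key(b.pub)
    b.derive_key(a.pub)
    pa, ta = a.proximity_proof()
    pb, tb = b.proximity_proof()
    return a.accept_peer(pb, tb), b.accept_peer(pa, ta)


# Constructed RSSI traces (dBm): Alice and Bob are in the same room, Mallory is not.
ALICE_TRACE = [-50, -52, -60, -58, -49, -55, -61, -53]
BOB_TRACE = [-51, -53, -61, -57, -50, -56, -60, -54]
MALLORY_TRACE = [-70, -70, -65, -72, -68, -71, -66, -69]

if __name__ == "__main__":
    print("co-located   :", pair(Device("alice", ALICE_TRACE), Device("bob", BOB_TRACE)))
    print("man-in-middle:", pair(Device("alice", ALICE_TRACE), Device("mallory", MALLORY_TRACE)))
```

The second scenario models Mallory interposing on the Diffie-Hellman exchange: the MAC verifies, because she does hold a key shared with Alice, but her radio observations do not match Alice's, so the key is discarded. The check is only as strong as the unpredictability of the shared environment, which is why Amigo insists that the observations be specific to the place and time of pairing.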

As discussed in [30], supporting group decisions, and especially electronic voting (e-voting), has become an important topic in the field of mobile applications, where smart mobile devices can be used to make group decisions electronically. To secure an e-voting system, Li et al. [30] proposed that an electronic voting protocol with deniable authentication should satisfy the following requirements: completeness, uniqueness, privacy, eligibility, fairness, verifiability, uncoercibility, mobility, and deniable authentication. Based on three types of cryptographic primitive, namely, 1) an asymmetric encryption function, 2) a symmetric encryption function, and 3) a hash function, the scheme [30] can meet these requirements of a secure e-voting system over mobile ad hoc networks. Theoretically, the scheme [30] can prevent four passive and active attacks, namely, man-in-the-middle attack, impersonation attack, replay attack, and eavesdropping attack, but many assumptions are needed to understand its implementation on a smart mobile device.

A roaming scenario in wireless networks involves four parties, namely, a roaming user, a visited foreign server, a home server, and a subscriber. He et al. [24] introduced a privacy-preserving user authentication scheme, named Priauth, for seamless roaming over wireless networks. Based on probabilistic polynomial time algorithms, the Priauth scheme satisfies six requirements: (1) server authentication, (2) subscription validation, (3) provision of a user revocation mechanism, (4) key establishment, (5) user anonymity, and (6) user untraceability, but its complexity is high when Priauth authenticates multiple handheld devices in an ad-hoc environment. Using a temporary confidential channel, Chen et al. [32] proposed bipartite and tripartite authentication protocols that allow multiple handheld devices to establish a conference key securely, which reduces the running-time bottleneck caused by human involvement.

To provide continuous secure services to mobile clients, it is necessary to design an efficient handover protocol that achieves handover authentication with user anonymity and untraceability, as discussed in [37]. Specifically, Yang et al. use an identity-based elliptic curve algorithm to support user anonymity and untraceability in mobile cloud computing. To provide active authentication on mobile devices, Samangouei et al. [82] introduced the concept of facial attributes.

Time | Scheme | Method | Goal | Mobile device | Performance (+) and limitation (-) | Comp. complexity (or reported accuracy)
2008 | Kim and Hong [64] | Multimodal biometrics | Authenticate using teeth image and voice | HP iPAQ rw6100 | + Better than the performance obtained using teeth or voice individually; - The threat model is not defined | High
2008 | Yu et al. [68] | Multimodal biometrics | Introducing the concept of multimodal biometric-based authentication in MANETs | N/A | + Biosensor costs; - Intrusion detection and encryption are not considered | Medium
2010 | Park et al. [39] | Multilevel access control | Control all accesses to the authorized level of database | N/A | + Flexibility to dynamic access authorization changes; - Many assumptions needed to understand implementation | (not given)
2012 | Chang et al. [61] | Graphical password; KDA system | Combine a graphical password with the KDA system | Android devices | + Suitable for low-power mobile devices; - The threat model is limited | With thumbnails=3, FRR=7.27%, FAR=5.73%
2013 | Crawford et al. [48] | Keystroke dynamics; speaker verification | Integrate multiple behavioral biometrics with conventional authentication | Android devices | + Implements fine-grained access control; - Not suitable for low-power mobile devices | Medium
2014 | Sun et al. [42] | Multi-touch screens | Authenticate using multi-touch mobile devices | Google Nexus 7 | + Robust to shoulder-surfing and smudge attack; - Anonymity problem | TPR=99.3%, FPR=2.2%
2015 | Chen et al. [55] | Rhythm | Authenticate using rhythm on multi-touch mobile devices | Google Nexus 7 | + More usable for people who have better memory for rhythms than for geometric curves; - Privacy is not considered | FPR up to 0.7%, FNR up to 4.2%
2016 | Khamis et al. [77] | Gaze gestures; touch | Allow passwords with multiple switches | Android devices | + Secure against side attacks; - The threat model is not defined | Medium
2016 | Sitova et al. [83] | Hand movement, orientation, and grasp | Authenticate using grasp resistance and grasp stability | Android devices | + Continuous authentication; - Cross-device interoperability | EER=15.1%
2017 | Fridman et al. [84] | Four biometric modalities | Introducing active authentication via four biometric modalities | Android devices | + Active authentication; - User reparability | EER=5%, FRR=1.1%
TABLE VIII: Factors-based authentication schemes for smart mobile devices
Fig. 8: Factors-based authentication schemes for smart mobile devices

V-C Factor-based authentication schemes

The surveyed papers of factors-based authentication schemes for smart mobile devices are shown in Table VIII. As shown in Figure 8, factor-based authentication can be classified into three types of categories, including: two-factor authentication, three-factor authentication, and multi-factor authentication.

Kim and Hong [64] proposed a multimodal biometric authentication approach using teeth image and voice. Specifically, this approach has two phases, namely, 1) a teeth authentication phase and 2) a voice authentication phase. The teeth authentication phase uses the AdaBoost algorithm with Haar-like features for teeth region detection, and an embedded hidden Markov model with the two-dimensional discrete cosine transform. The voice authentication phase uses mel-frequency cepstral coefficients and pitch as voice features. Performance evaluation showed the approach to be better than using teeth or voice individually, but the threat model is not defined. The question we ask here: is it sufficient to use an authentication approach without defining the threat model? Park et al. [39] showed that various attack routes in smart mobile devices may cause serious privacy infringement problems in data protection. Specifically, using cryptographic methods, the authors designed a combined authentication and multilevel access control scheme, named CAMAC. CAMAC uses three information classification levels, namely, 1) public, which is not sensitive and can be disclosed in public, 2) not public but sharable, where the data should be encrypted and decrypted only by authorized users, and 3) not public and not sharable, where the data should be decrypted only by the user himself/herself.

As discussed in the survey [14], a MANET is an autonomous system of mobile nodes (e.g., smart mobile devices) with several salient characteristics, namely, dynamic topologies, bandwidth-constrained and energy-constrained operation, and limited physical security. To authenticate smart mobile devices in MANETs, Yu et al. [68] introduced the concept of multimodal biometric-based authentication, which uses a dynamic programming-based HMM scheduling algorithm to derive the optimal scheme. The biosensor scheduling procedure used in the scheme [68] consists of three steps, namely, 1) the scheduling step, to find the optimal biosensor; 2) the observation step, to observe the output of the optimal biosensor; and 3) the update step, to judge the result of the authentication. The scheme [68] is efficient in terms of biosensor costs, but the article fails to provide a detailed analysis of intrusion detection and encryption. In the same direction as the scheme [68], Saevanee et al. [53] proposed continuous user authentication using multi-modal biometrics with linguistic analysis, keystroke dynamics and behavioral profiling.

Chang et al. [61] proposed combining a graphical password with a keystroke dynamics-based authentication (KDA) system for touchscreen handheld mobile devices. Chang et al.’s scheme uses the same three phases as KDA systems, namely, 1) the enrollment phase, 2) the classifier building phase, and 3) the authentication phase. The enrollment phase is launched when the user’s finger presses the touchscreen of the handheld mobile device at a thumbnail photo. The classifier building phase builds, from the collected personal features, the classifier used to verify the user’s identity, for which the authors employ the computation-efficient statistical classifier proposed by Boechat et al. in [85]. In the authentication phase, the classifier is used to verify the user’s identity: the system compares the entered graphical password sequence with the one registered in the enrollment phase. The experiments show that the probability of breaking Chang et al.’s scheme under a shoulder surfing attack is reduced.

Crawford et al. [48] proposed an extensible transparent authentication framework that integrates multiple behavioral biometrics, namely, keystroke dynamics and speaker verification. The framework operates in six phases, namely, 1) update the biometric input buffer, 2) update the explicit authentication buffer, 3) compute the individual biometric probability, 4) compute the device confidence, 5) make the task decision, and 6) update the training buffer and refresh the classifiers. The idea of using a capacitive touchscreen to scan body parts was proposed by Holz et al. in [54]. Specifically, the authors proposed a biometric authentication system, named Bodyprint, that detects users’ biometric features using the same type of capacitive sensing as the touchscreen. The Bodyprint system is implemented as an application on an LG Nexus 5 phone, which features a Synaptics ClearPad 3350 touch sensor.

Based on multimodal recognition of face and iris, De Marsico et al. [75] designed an authentication application, named FIRME, to be embedded in mobile devices. FIRME is made up of separate modules, with common starting and final processing and a central part specialized for each biometric. The face recognition uses four phases, namely, 1) acquisition and segmentation, 2) spoofing detection, 3) best template selection, and 4) feature extraction and matching. The iris recognition uses two phases, namely, 1) acquisition and segmentation and 2) feature extraction and matching. The question we ask here is: is it possible to use iris liveness detection on mobile devices against printed-iris attacks? The study published in 2015 by Gragnaniello et al. in [86] shows that, with the local binary pattern descriptor and classification by a support vector machine with a linear kernel, printed-iris attacks can be detected and avoided. Another question we ask here is: is FIRME effective for partial face detection? The study published in 2016 by Mahbub et al. in [66] shows that, with a few facial-segment cascade classifiers, partially cropped and occluded faces captured using a smartphone’s front-facing camera can be detected for continuous authentication.

The idea of using a sequence of rhythmic taps/slides on the device screen to unlock the device was proposed by Chen et al. in [55]. Specifically, the authors proposed a rhythm-based two-factor authentication scheme, named RhyAuth, for multi-touch mobile devices. RhyAuth is implemented as an application on Google Nexus 7 tablets powered by Android 4.2. Note that another factor, such as an ID/password, could be added as a third authentication factor. The question we ask here is: is it possible to use four biometric modalities to authenticate users on mobile devices? The study published in 2017 by Fridman et al. in [84] introduced active authentication via four biometric modalities, namely, 1) text entered via the soft keyboard, 2) applications used, 3) websites visited, and 4) the physical location of the device as determined from GPS (when outdoors) or WiFi (when indoors).

| Time | Scheme | Method | Goal | Mobile device | Performance (+) and limitation (-) | Comp. complexity |
|---|---|---|---|---|---|---|
| 2009 | Yang and Chang [12] | Elliptic curve cryptosystem | Providing mutual authentication with key agreement | N/A | + Resists outsider, impersonation, and replay attacks; - Perfect forward secrecy is not considered, compared to Yoon and Yoo’s scheme [38] | |
| 2009 | Yoon and Yoo [38] | Elliptic curve cryptosystem | Providing perfect forward secrecy | N/A | + Session key security; - Location privacy is not considered | |
| 2009 | Wu and Tseng [43] | Bilinear pairings | Providing implicit key confirmation and partial forward secrecy | N/A | + Secure against a passive attack; - The proposed scheme is not tested on mobile devices | |
| 2009 | Sun and Leu [31] | Elliptic curve cryptography | Providing a one-to-many facility | Mobile Pay-TV system | + Resists man-in-the-middle and replay attacks; - Interest privacy is not considered | |
| 2010 | Wu and Tseng [44] | Bilinear pairings | Providing implicit key confirmation and partial forward secrecy | N/A | + Secure against ID attack; - The average message delay and the verification delay are not evaluated | |
| 2011 | Islam and Biswas [34] | Elliptic curve cryptosystem | Improving Yang and Chang’s scheme [12] | N/A | + Prevents the user anonymity problem; - Vulnerable to ephemeral-secret-leakage attacks | |
| 2012 | He [69] | Bilinear pairings | Providing key agreement and mutual authentication | HiPerSmart | + Provides key agreement; - Perfect forward secrecy is not considered, compared to Yoon and Yoo’s scheme [38] | |
| 2013 | Liao and Hsiao [35] | Self-certified public keys | Eliminating the risk of leaking the master secret key | HiPerSmart | + User reparability; - Anonymity problem | |
| 2014 | Liu et al. [28] | Certificateless signature | Avoiding forgery under adaptively chosen message attack | Windows CE 5.2 OS | + Privacy of potential WBAN users; - The threat model is limited | |
| 2015 | Shahandashti et al. [76] | Homomorphic encryption | Achieving implicit authentication | N/A | + Secure against maliciously-controlled devices; - Vulnerable to the replay attack | Medium |
| 2016 | Islam and Khan [71] | Elliptic curve cryptosystem | Providing user anonymity and unlinkability | N/A | + Resistance to the Pohlig–Hellman attack; - Location privacy is not considered | |
| 2017 | Wu et al. [72] | Elliptic curve cryptosystem | Providing user anonymity and privacy preservation | N/A | + Perfect forward secrecy; - Vulnerable to ephemeral-secret-leakage attacks | |

TABLE IX: ID-based authentication schemes for smart mobile devices
Fig. 9: Methods used to preserve the authentication models in ID-based authentication schemes for smart mobile devices
| Challenges | Description | Focus/Objective | Contribution | Research opportunities |
|---|---|---|---|---|
| False data injection attacks in mobile cyber-physical systems | False data injection attacks jeopardize the system operations in smart mobile devices | How to identify and mitigate false data injection attacks in mobile cyber-physical systems? | Conventional false data detection approaches | How to evaluate the overall running status? How to design a reputation system with adaptive reputation updating? |
| Analysis of smart mobile devices under topology attacks | A malicious attacker steals the topology | How to identify topology attacks and reduce the amount of stolen information? | A stochastic Petri net approach | How to prove the efficacy of using a stochastic Petri net approach? How to prove that Petri nets can be useful for modeling mobile cyber-physical systems? |
| Integration of smart mobile devices using new generation optical infrastructure technologies (NGN) | Integration of smart mobile devices with different types of networks such as IoT, vehicular networks, smart grids, etc. | How can smart mobile devices mutually authenticate with NGN without any significant increase in overheads? | An energy-aware encryption for smart mobile devices in the Internet of Multimedia Things | How to integrate smart mobile devices into NGN? How to design an authentication scheme that reduces the costs in terms of storage cost, computation complexity, communication overhead, and delay overhead? |
| Android malware or malfunctioning smart mobile devices | Malicious or malfunctioning smart mobile devices can be a source of data | How to safeguard data against such attacks? | An efficient end-to-end security and encrypted data scheme | The choice of encryption is a challenge in view of the power constraints of smart mobile devices |
| Anonymous profile matching | Malicious or malfunctioning smart mobile devices identify a user who has the same profiles | How to provide conditional anonymity? | Prediction-based adaptive pseudonym change strategy | How to keep the service overhead of mobile devices very low? How to achieve the confidentiality of user profiles? How to resist false data injection from external attacks? |
| Group authentication and key agreement security under the 5G network architecture | A group of smart mobile devices accessing the 5G network simultaneously causes severe authentication issues | Rethinking the authentication and key agreement protocols in 3G/LTE networks | A group authentication scheme based on Elliptic Curve Diffie-Hellman (ECDH) to realize key forward/backward secrecy | How to provide privacy and key forward/backward secrecy? How to resist the existing attacks including redirection, man-in-the-middle, and denial-of-service attacks, etc.? |
| Authentication for mobile devices in Fog-enhanced IoT [Mo3] | Authenticating the fog devices deployed at the network edge [Mo4] | How to aggregate hybrid IoT devices’ data during the authentication? | Employing the homomorphic Paillier encryption | How to authenticate the source of data at each time slot? How to achieve privacy preservation when there are no malfunctioning IoT devices? |
| User authentication and privacy preservation for UAV-enabled smart mobile devices | Users can access the Internet via UAVs using their smart mobile devices. Moreover, this topological structure can be exploited by an attacker through the location data | How to provide authentication with provable link-layer location privacy? How to provide authentication with strong identity privacy and forward security? | Pseudonym changing strategy to achieve provable location privacy; privacy-preserving location-based service framework; employing ciphertext-policy anonymous attribute-based encryption | How to develop anonymity set analytical models? How to model an external attacker tracing the smart mobile devices’ locations? How to achieve fine-grained access control? |
| Electrocardiogram-based authentication with privacy preservation for smart mobile devices | Privacy preservation in electrocardiogram-based authentication remains a challenging problem since adversaries can find different ways of exploiting vulnerabilities of the electrocardiogram system | How to reduce the acquisition time of electrocardiogram signals for authentication? How to achieve privacy preservation and electrocardiogram integrity with differential privacy and fault tolerance? | Proposing new privacy-preserving aggregation algorithms; proposing a new secure handover session key management scheme | How to resist the sensing data link attack? How to achieve scalability by performing aggregation operations? How to improve the TAR and FAR using deep learning? |
| Authentication for smart mobile devices using software-defined networking (SDN) and network function virtualization (NFV) | The development of network functions using SDN/NFV remains a challenging problem since mobile malware can disrupt the operation of the protocols between the control and data planes, e.g., OpenFlow [Mo1] and ForCES [Mo2] | How to achieve mutual authentication by adopting both SDN and NFV technologies? | Proposing a new private data aggregation scheme for authentication | How to secure against malware attacks? How to achieve computation efficiency? |

TABLE X: Summary of Open Research Issues

V-D ID-based authentication schemes

The surveyed ID-based schemes for smart mobile devices are listed in Table IX. Applying cryptography in authentication schemes requires additional computation on smart mobile devices, which makes their computation loads and energy costs very high. To address this problem, researchers proposed several ID-based authentication schemes using elliptic curve cryptosystems (ECC), as discussed in [12]. As shown in Figure 9, five methods are used to provide the authentication models in ID-based authentication schemes for smart mobile devices, namely, bilinear pairings, elliptic curve cryptosystem, self-certified public keys, certificateless signature, and homomorphic encryption.

In order to provide mutual authentication with session key agreement, Yang and Chang [12] presented an ID-based remote mutual authentication with key agreement scheme. Specifically, the scheme consists of three phases, namely, the system initialization phase, the user registration phase, and the mutual authentication with key agreement phase. Based on the analysis of computational and communication costs, the scheme [12] is more efficient than Jia et al.’s scheme [87] and can resist outsider, impersonation, and replay attacks. However, Islam and Biswas [34] analyzed the drawbacks of Yang and Chang’s scheme [12] and found that it cannot protect user anonymity, is vulnerable to the known session-specific temporary information attack, and suffers from a clock synchronization problem.

Yoon and Yoo [38] showed that Yang and Chang’s scheme [12] is vulnerable to an impersonation attack and does not provide perfect forward secrecy. Similar to both Yang and Chang’s scheme [12] and Yoon and Yoo’s scheme [38], Wu and Tseng [43] proposed an ID-based mutual authentication and key exchange scheme for low-power mobile devices. In the random oracle model and under the gap Diffie–Hellman assumption, Wu and Tseng’s scheme is secure against ID attacks, impersonation attacks and passive attacks. The question we ask here is: does resistance to the impersonation attack guarantee the reliability of an authentication scheme for smart mobile devices? The study published in 2017 by Spreitzer et al. in [21] showed that local side-channel attacks, especially passive ones, increasingly blur the transition between local attacks and vicinity attacks. Therefore, local side-channel attacks need to be considered by authentication schemes for smart mobile devices.

To provide anonymous authentication in mobile pay-TV systems, Sun and Leu [31] proposed an authentication scheme that protects identity privacy. Based on elliptic curve cryptography (ECC), Sun and Leu’s scheme can manipulate authentication parameters and authorization keys for multiple requests. Related to the scheme [31], He et al. [70] proposed a one-to-many authentication scheme for access control in mobile pay-TV systems. Using four mechanisms, namely, a symmetric cryptosystem, an asymmetric cryptosystem, a digital signature and a one-way hash function, Chen [88] proposed an effective digital rights management scheme for mobile devices. Note that Chang et al. [41] found that Chen’s scheme [88] is insecure because an attacker can easily compute the symmetric key, and they proposed an improved scheme based on three phases: the registration phase, the package phase, and the enhanced authorization phase.

VI Open Research Issues

Table X summarizes the future directions in authentication issues for smart mobile devices.

In 2016 [89, 90], an Android malware succeeded in bypassing the two-factor authentication scheme of many mobile banking apps. The malware can steal the user’s login credentials, including the SMS verification code. When the legitimate application is launched, the malware is triggered and a fake login screen overlays the original mobile banking one, with no option to close it. The user then fills in their personal data in the fake app. The success of this attack rests on a phishing technique: it displays a graphical user interface (GUI) whose visual features are similar to those of the legitimate app. The malware can also intercept the two-factor authentication code (i.e., the verification code sent through SMS) and forward it to the attacker. One research direction to prevent this kind of attack is to detect apps with a similar visual appearance that are installed on the same mobile device.

Mobile devices are nowadays an essential part of everyday life and can be integrated with different types of networks, such as the Internet of Things (IoT), vehicular networks and smart grids, as they help users access the resources and information of these networks. This integration requires rethinking the authentication protocols already proposed for mobile devices, and considering the new architectures, the new threats, and the implementation feasibility on resource-constrained devices.

Employees very often work with their mobile devices: they use electronic mail, exchange instant messaging (IM) messages, or view files directly in the cloud through an online cloud storage application. This means that corporate data are at high risk unless the necessary measures are taken to ensure that they are protected. One solution is to secure files with a secure container. Containers isolate the user’s mobile device: emails are encrypted for protection against third-party access, and email attachments open inside the container to prevent leakage to third-party applications. Future research should focus on developing containers that are more robust against sophisticated attacks, or on implementing secure app wrapping techniques.

Recently, the University of Michigan was funded to produce a computer that is unhackable [91]. MORPHEUS outlines a new way to design hardware so that information is rapidly and randomly moved and destroyed. The technology works by denying attackers the critical information they need to construct a successful attack. It could protect both hardware and software. This idea can be the basis of future research on securing mobile devices from attackers.

Intrusion detection capabilities can be built into mobile devices in order to spot malicious behaviors in real time. Such techniques must combine multiple characteristics and exploit social network analysis techniques [maglaras2014ocsvm] in order to cope with zero-day attacks and small fluctuations in user behavior. Many types of algorithms that mine audit data in real time can be applied to mobile devices. Data-mining-based IDSs have demonstrated higher accuracy, detection of novel types of intrusion, and robust behaviour [dewa2016data].

False data injection attacks are crucial security threats to mobile cyber-physical systems, where the attacker can jeopardize the system operations of smart mobile devices. Recently, Li et al. [92] proposed a distributed host-based collaborative detection scheme to detect smart false data injection attacks with a low false alarm rate. To identify anomalous reported measurement data, the proposed scheme employs a set of rule specifications. However, how can false data injection attacks be identified and mitigated in mobile cyber-physical systems? Hence, false data injection attacks in mobile cyber-physical systems should be explored further in the future.

Based on recent advances in wireless and networking technologies such as software-defined networking (SDN) and network function virtualization (NFV), 5G will enable a fully mobile and connected society. According to Nguyen et al. [Mo6], the development of network functions using SDN and NFV will achieve extremely high data rates. At the same time, a group of smart mobile devices accessing the 5G network simultaneously causes severe authentication issues. In a work published in 2018, Ferrag et al. [81] categorized threat models in cellular networks into four categories, namely, attacks against privacy, attacks against integrity, attacks against availability, and attacks against authentication. How can mutual authentication be achieved by adopting both SDN and NFV technologies under these threat models? One possible future direction is to develop a group authentication scheme based on Elliptic Curve Diffie-Hellman (ECDH) to realize key forward/backward secrecy.
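The ECDH direction above, as an added illustration that is not from this paper or from any scheme it surveys: a Go sketch of a one-round group agreement in which every device signs a per-epoch ephemeral P-256 key with its long-term Ed25519 identity key, the server does the same, and the session key is derived from the ECDH secret plus both ephemeral keys. The party names, the epoch counter used as the freshness check, and HMAC-SHA256 standing in for a KDF are assumptions of this illustration; ephemeral keys are discarded after each epoch, which is what gives key forward/backward secrecy.

```go
package main
import (
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Hello: an ephemeral P-256 public key bound to its sender and to the epoch by an Ed25519 signature.
type Hello struct {
	ID     string
	Epoch  uint32
	EphPub []byte
	Sig    []byte
}

// Party is a device or the server; only the Ed25519 identity key is long-lived, ECDH keys are per epoch.
type Party struct {
	ID       string
	SignPub  ed25519.PublicKey
	signPriv ed25519.PrivateKey
	registry map[string]ed25519.PublicKey // server only: enrolled member identities (constructed)
}

func NewParty(id string, members ...*Party) (*Party, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	p := &Party{ID: id, SignPub: pub, signPriv: priv, registry: map[string]ed25519.PublicKey{}}
	for _, m := range members {
		p.registry[m.ID] = m.SignPub
	}
	return p, nil
}

func transcript(id string, epoch uint32, ephPub []byte) []byte {
	return append([]byte(fmt.Sprintf("hello|%s|%d|", id, epoch)), ephPub...)
}

// deriveKey binds the session key to the ECDH secret, the epoch and both ephemeral public keys.
func deriveKey(shared, devPub, srvPub []byte, epoch uint32) []byte {
	mac := hmac.New(sha256.New, shared) // HMAC-SHA256 stands in for a full KDF (assumption)
	mac.Write([]byte(fmt.Sprintf("session|%d|", epoch)))
	mac.Write(devPub)
	mac.Write(srvPub)
	return mac.Sum(nil)
}

// StartEpoch makes a fresh ephemeral key pair and a signed Hello; the key is dropped after use.
func (p *Party) StartEpoch(epoch uint32) (*ecdh.PrivateKey, Hello, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, Hello{}, err
	}
	pub := eph.PublicKey().Bytes()
	sig := ed25519.Sign(p.signPriv, transcript(p.ID, epoch, pub))
	return eph, Hello{ID: p.ID, Epoch: epoch, EphPub: pub, Sig: sig}, nil
}

// verify rejects unknown identities, stale epochs (replayed Hellos) and bad signatures.
func verify(idKey ed25519.PublicKey, eph *ecdh.PrivateKey, epoch uint32, h Hello) ([]byte, error) {
	if len(idKey) != ed25519.PublicKeySize || h.Epoch != epoch ||
		!ed25519.Verify(idKey, transcript(h.ID, h.Epoch, h.EphPub), h.Sig) {
		return nil, fmt.Errorf("rejected hello from %q for epoch %d", h.ID, epoch)
	}
	peer, err := ecdh.P256().NewPublicKey(h.EphPub)
	if err != nil {
		return nil, err
	}
	return eph.ECDH(peer)
}

// RunEpoch (server) authenticates every member's Hello and derives one key per member in one round.
func (p *Party) RunEpoch(epoch uint32, hellos []Hello) (Hello, map[string][]byte, error) {
	eph, srvHello, err := p.StartEpoch(epoch)
	if err != nil {
		return Hello{}, nil, err
	}
	keys := make(map[string][]byte, len(hellos))
	for _, h := range hellos {
		shared, err := verify(p.registry[h.ID], eph, epoch, h)
		if err != nil {
			return Hello{}, nil, err
		}
		keys[h.ID] = deriveKey(shared, h.EphPub, srvHello.EphPub, epoch)
	}
	return srvHello, keys, nil
}

// FinishEpoch (device) verifies the server's signed Hello and derives the same key.
func FinishEpoch(eph *ecdh.PrivateKey, srvID ed25519.PublicKey, epoch uint32, srvHello Hello) ([]byte, error) {
	shared, err := verify(srvID, eph, epoch, srvHello)
	if err != nil {
		return nil, err
	}
	return deriveKey(shared, eph.PublicKey().Bytes(), srvHello.EphPub, epoch), nil
}
```

Standard library only; crypto/ecdh requires Go 1.20 or later.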

Privacy preservation in electrocardiogram-based authentication remains a challenging problem since adversaries can find different ways of exploiting vulnerabilities of the electrocardiogram system. Two questions we ask here are: how to reduce the acquisition time of electrocardiogram signals for authentication? And how to achieve privacy preservation and electrocardiogram integrity with differential privacy and fault tolerance? A possible research direction in this topic is proposing new privacy-preserving aggregation algorithms that resist the sensing data link attack.

VII Conclusions

In this article, we surveyed the state of the art of authentication schemes for smart mobile devices. Through the extensive research and analysis that was conducted, we were able to classify the threat models in smart mobile devices into five categories, including identity-based attacks, eavesdropping-based attacks, combined eavesdropping and identity-based attacks, manipulation-based attacks, and service-based attacks. In addition, we were able to classify the countermeasures into four categories, including cryptographic functions, personal identification, classification algorithms, and channel characteristics. Regarding the cryptographic functions, the surveyed schemes use three types of cryptographic functions, including asymmetric encryption functions, symmetric encryption functions, and hash functions.

In order to ensure authentication by personal identification, the surveyed schemes use two types of countermeasures, including 1) biometrics-based countermeasures, which rely on any human physiological (e.g., face, eyes, fingerprints-palm, or ECG) or behavioral (e.g., signature, voice, gait, or keystroke pattern) characteristic; and 2) numbers-based countermeasures (e.g., Personal Identification Number (PIN), International Mobile Equipment Identity (IMEI), and password). From the point of view of security analysis techniques, five techniques are used in authentication for smart mobile devices, namely, computational assumptions, pattern recognition approaches, formal proof, random oracle model, and game theory.

According to the countermeasure characteristic and the authentication model used, we were able to classify the surveyed schemes for smart mobile devices in four categories, namely, biometric-based authentication schemes, channel-based authentication schemes, factor-based authentication schemes, and ID-based authentication schemes. In addition, we presented a side-by-side comparison in a tabular form for each category, in terms of performance, limitations, and computational complexity.

There still exist several challenging research areas (e.g., false data injection attacks in mobile cyber-physical systems, analysis of smart mobile devices under topology attacks, group authentication and key agreement security under the 5G network architecture, authentication for mobile devices in Fog-enhanced IoT, authentication for UAV-enabled smart mobile devices, and electrocardiogram-based authentication with privacy preservation), which can be further analyzed in the near future.

References

  • [1] C. Thuemmler and C. Bai, Eds., Health 4.0: How Virtualization and Big Data are Revolutionizing Healthcare.   Cham: Springer International Publishing, 2017.
  • [2] M. A. Ferrag, L. A. Maglaras, H. Janicke, J. Jiang, and L. Shu, “Authentication Protocols for Internet of Things: A Comprehensive Survey,” Secur. Commun. Networks, vol. 2017, pp. 1–41, 2017.
  • [3] W. Z. Khan, Y. Xiang, M. Y. Aalsalem, and Q. Arshad, “Mobile Phone Sensing Systems: A Survey,” IEEE Commun. Surv. Tutorials, vol. 15, no. 1, pp. 402–427, jan 2013.
  • [4] Z. Qin, J. Sun, A. Wahaballa, W. Zheng, H. Xiong, and Z. Qin, “A secure and privacy-preserving mobile wallet with outsourced verification in cloud computing,” Comput. Stand. Interfaces, vol. 54, pp. 55–60, nov 2017.
  • [5] I. Pappel, I. Pappel, J. Tepandi, and D. Draheim, “Systematic Digital Signing in Estonian e-Government Processes,” in Trans. Large-Scale Data-and Knowledge-Centered Syst. XXXVI.   Springer, 2017, pp. 31–51.
  • [6] W. J. Schünemann and M.-O. Baumann, Eds., Privacy, Data Protection and Cybersecurity in Europe.   Cham: Springer International Publishing, 2017.
  • [7] V. M. Patel, R. Chellappa, D. Chandra, and B. Barbello, “Continuous User Authentication on Mobile Devices: Recent progress and remaining challenges,” IEEE Signal Process. Mag., vol. 33, no. 4, pp. 49–61, jul 2016.
  • [8] M. Evans, L. A. Maglaras, Y. He, and H. Janicke, “Human behaviour as an aspect of cybersecurity assurance,” Secur. Commun. Networks, vol. 9, no. 17, pp. 4667–4679, nov 2016.
  • [9] W. Meng, D. S. Wong, S. Furnell, and J. Zhou, “Surveying the Development of Biometric User Authentication on Mobile Phones,” IEEE Commun. Surv. Tutorials, vol. 17, no. 3, pp. 1268–1293, jan 2015.
  • [10] Y. Meng, D. S. Wong, R. Schlegel, and L.-f. Kwok, “Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones,” 2013, pp. 331–350.
  • [11] S. Li, A. Ashok, Y. Zhang, C. Xu, J. Lindqvist, and M. Gruteser, “Whose move is it anyway? Authenticating smart wearable devices using unique head movement patterns,” in 2016 IEEE Int. Conf. Pervasive Comput. Commun.   IEEE, mar 2016, pp. 1–9.
  • [12] J.-H. Yang and C.-C. Chang, “An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem,” Comput. Secur., vol. 28, no. 3-4, pp. 138–143, may 2009.
  • [13] K. Xi, T. Ahmad, F. Han, and J. Hu, “A fingerprint based bio-cryptographic security protocol designed for client/server authentication in mobile computing environment,” Secur. Commun. Networks, vol. 4, no. 5, pp. 487–499, may 2011.
  • [14] M. A. Ferrag, L. Maglaras, and A. Ahmim, “Privacy-Preserving Schemes for Ad Hoc Social Networks: A Survey,” IEEE Commun. Surv. Tutorials, vol. 19, no. 4, pp. 3015–3045, jan 2017.
  • [15] M. La Polla, F. Martinelli, and D. Sgandurra, “A Survey on Security for Mobile Devices,” IEEE Commun. Surv. Tutorials, vol. 15, no. 1, pp. 446–471, jan 2013.
  • [16] M. A. Harris and K. P. Patten, “Mobile device security considerations for small- and medium-sized enterprise business mobility,” Inf. Manag. Comput. Secur., vol. 22, no. 1, pp. 97–114, mar 2014.
  • [17] P. Faruki, A. Bharmal, V. Laxmi, V. Ganmoor, M. S. Gaur, M. Conti, and M. Rajarajan, “Android Security: A Survey of Issues, Malware Penetration, and Defenses,” IEEE Commun. Surv. Tutorials, vol. 17, no. 2, pp. 998–1022, jan 2015.
  • [18] P. S. Teh, N. Zhang, A. B. J. Teoh, and K. Chen, “A survey on touch dynamics authentication in mobile devices,” Comput. Secur., vol. 59, pp. 210–235, jun 2016.
  • [19] M. Alizadeh, S. Abolfazli, M. Zamani, S. Baharun, and K. Sakurai, “Authentication in mobile cloud computing: A survey,” J. Netw. Comput. Appl., vol. 61, pp. 59–80, feb 2016.
  • [20] P. Gandotra, R. Kumar Jha, and S. Jain, “A survey on device-to-device (D2D) communication: Architecture and security issues,” J. Netw. Comput. Appl., vol. 78, pp. 9–29, jan 2017.
  • [21] R. Spreitzer, V. Moonsamy, T. Korak, and S. Mangard, “Systematic Classification of Side-Channel Attacks: A Case Study for Mobile Devices,” IEEE Commun. Surv. Tutorials, pp. 1–1, 2017.
  • [22] M. U. Aslam, A. Derhab, K. Saleem, H. Abbas, M. Orgun, W. Iqbal, and B. Aslam, “A Survey of Authentication Schemes in Telecare Medicine Information Systems,” J. Med. Syst., vol. 41, no. 1, p. 14, jan 2017.
  • [23] I. Velásquez, A. Caro, and A. Rodríguez, “Authentication schemes and methods: A systematic literature review,” Inf. Softw. Technol., vol. 94, pp. 30–37, feb 2018.
  • [24] D. He, J. Bu, S. Chan, C. Chen, and M. Yin, “Privacy-Preserving Universal Authentication Protocol for Wireless Communications,” IEEE Trans. Wirel. Commun., vol. 10, no. 2, pp. 431–436, feb 2011.
  • [25] M. K. Khan, S. Kumari, and M. K. Gupta, “More efficient key-hash based fingerprint remote authentication scheme using mobile device,” Computing, vol. 96, no. 9, pp. 793–816, sep 2014.
  • [26] C.-L. Chen, C.-C. Lee, and C.-Y. Hsu, “Mobile device integration of a fingerprint biometric remote authentication scheme,” Int. J. Commun. Syst., vol. 25, no. 5, pp. 585–597, may 2012.
  • [27] M. K. Khan, J. Zhang, and X. Wang, “Chaotic hash-based fingerprint biometric remote user authentication scheme on mobile devices,” Chaos, Solitons & Fractals, vol. 35, no. 3, pp. 519–524, feb 2008.
  • [28] J. Liu, Z. Zhang, X. Chen, and K. S. Kwak, “Certificateless Remote Anonymous Authentication Schemes for Wireless Body Area Networks,” IEEE Trans. Parallel Distrib. Syst., vol. 25, no. 2, pp. 332–342, feb 2014.
  • [29] A. Varshavsky, A. Scannell, A. LaMarca, and E. de Lara, “Amigo: Proximity-Based Authentication of Mobile Devices,” in UbiComp 2007 Ubiquitous Comput., 2007, pp. 253–270.
  • [30] C.-T. Li, M.-S. Hwang, and C.-Y. Liu, “An electronic voting protocol with deniable authentication for mobile ad hoc networks,” Comput. Commun., vol. 31, no. 10, pp. 2534–2540, jun 2008.
  • [31] Hung-Min Sun and Muh-Chyi Leu, “An Efficient Authentication Scheme for Access Control in Mobile Pay-TV Systems,” IEEE Trans. Multimed., vol. 11, no. 5, pp. 947–959, aug 2009.
  • [32] Chien-Ming Chen, King-Hang Wang, Tsu-Yang Wu, Jeng-Shyang Pan, and Hung-Min Sun, “A Scalable Transitive Human-Verifiable Authentication Protocol for Mobile Devices,” IEEE Trans. Inf. Forensics Secur., vol. 8, no. 8, pp. 1318–1330, aug 2013.
  • [33] C.-T. Li and M.-S. Hwang, “An efficient biometrics-based remote user authentication scheme using smart cards,” J. Netw. Comput. Appl., vol. 33, no. 1, pp. 1–5, jan 2010.
  • [34] S. H. Islam and G. Biswas, “A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem,” J. Syst. Softw., vol. 84, no. 11, pp. 1892–1898, nov 2011.
  • [35] Y.-P. Liao and C.-M. Hsiao, “A novel multi-server remote user authentication scheme using self-certified public keys for mobile clients,” Futur. Gener. Comput. Syst., vol. 29, no. 3, pp. 886–900, mar 2013.
  • [36] L. Guo, C. Zhang, J. Sun, and Y. Fang, “A Privacy-Preserving Attribute-Based Authentication System for Mobile Health Networks,” IEEE Trans. Mob. Comput., vol. 13, no. 9, pp. 1927–1941, sep 2014.
  • [37] X. Yang, X. Huang, and J. K. Liu, “Efficient handover authentication with user anonymity and untraceability for Mobile Cloud Computing,” Futur. Gener. Comput. Syst., vol. 62, pp. 190–195, sep 2016.
  • [38] E.-J. Yoon and K.-Y. Yoo, “Robust ID-Based Remote Mutual Authentication with Key Agreement Scheme for Mobile Devices on ECC,” in 2009 Int. Conf. Comput. Sci. Eng., IEEE, 2009, pp. 633–640.
  • [39] H.-A. Park, J. W. Hong, J. H. Park, J. Zhan, and D. H. Lee, “Combined Authentication-Based Multilevel Access Control in Mobile Application for Daily Life Service,” IEEE Trans. Mob. Comput., vol. 9, no. 6, pp. 824–837, jun 2010.
  • [40] C. Galdi, M. Nappi, and J.-L. Dugelay, “Multimodal authentication on smartphones: Combining iris and sensor recognition for a double check of user identity,” Pattern Recognit. Lett., vol. 82, pp. 144–153, oct 2016.
  • [41] C.-C. Chang, J.-H. Yang, and D.-W. Wang, “An efficient and reliable E-DRM scheme for mobile environments,” Expert Syst. Appl., vol. 37, no. 9, pp. 6176–6181, sep 2010.
  • [42] J. Sun, R. Zhang, J. Zhang, and Y. Zhang, “TouchIn: Sightless two-factor authentication on multi-touch mobile devices,” in 2014 IEEE Conf. Commun. Netw. Secur., IEEE, oct 2014, pp. 436–444.
  • [43] T.-Y. Wu and Y.-M. Tseng, “An ID-Based Mutual Authentication and Key Exchange Protocol for Low-Power Mobile Devices,” Comput. J., vol. 53, no. 7, pp. 1062–1070, sep 2010.
  • [44] ——, “An efficient user authentication and key exchange protocol for mobile client–server environment,” Comput. Networks, vol. 54, no. 9, pp. 1520–1530, jun 2010.
  • [45] Y.-S. Jeong, J. S. Park, and J. H. Park, “An efficient authentication system of smart device using multi factors in mobile cloud service architecture,” Int. J. Commun. Syst., vol. 28, no. 4, pp. 659–674, mar 2015.
  • [46] N. Clarke and S. Furnell, “Advanced user authentication for mobile devices,” Comput. Secur., vol. 26, no. 2, pp. 109–119, mar 2007.
  • [47] N. L. Clarke and S. M. Furnell, “Authenticating mobile phone users using keystroke analysis,” Int. J. Inf. Secur., vol. 6, no. 1, pp. 1–14, dec 2006.
  • [48] H. Crawford, K. Renaud, and T. Storer, “A framework for continuous, transparent mobile device authentication,” Comput. Secur., vol. 39, pp. 127–136, nov 2013.
  • [49] A. F. Abate, M. Nappi, and S. Ricciardi, “I-Am: Implicitly Authenticate Me – Person Authentication on Mobile Devices Through Ear Shape and Arm Gesture,” IEEE Trans. Syst. Man, Cybern. Syst., pp. 1–13, 2017.
  • [50] J. S. Arteaga-Falconi, H. Al Osman, and A. El Saddik, “ECG Authentication for Mobile Devices,” IEEE Trans. Instrum. Meas., vol. 65, no. 3, pp. 591–600, mar 2016.
  • [51] S. J. Kang, S. Y. Lee, H. I. Cho, and H. Park, “ECG Authentication System Design Based on Signal Analysis in Mobile and Wearable Devices,” IEEE Signal Process. Lett., vol. 23, no. 6, pp. 805–808, jun 2016.
  • [52] C. Holz, S. Buthpitiya, and M. Knaust, “Bodyprint: Biometric user identification on mobile devices using the capacitive touchscreen to scan body parts,” in Proc. 33rd Annu. ACM Conf. Hum. Factors Comput. Syst. - CHI ’15, New York, NY, USA: ACM Press, 2015, pp. 3011–3014.
  • [53] H. Saevanee, N. Clarke, S. Furnell, and V. Biscione, “Continuous user authentication using multi-modal biometrics,” Comput. Secur., vol. 53, pp. 234–246, sep 2015.
  • [54] T. Hoang, D. Choi, and T. Nguyen, “Gait authentication on mobile phone using biometric cryptosystem and fuzzy commitment scheme,” Int. J. Inf. Secur., vol. 14, no. 6, pp. 549–560, nov 2015.
  • [55] Y. Chen, J. Sun, R. Zhang, and Y. Zhang, “Your song your way: Rhythm-based two-factor authentication for multi-touch mobile devices,” in 2015 IEEE Conf. Comput. Commun., IEEE, apr 2015, pp. 2686–2694.
  • [56] J. Seto, Y. Wang, and X. Lin, “User-Habit-Oriented Authentication Model: Toward Secure, User-Friendly Authentication for Mobile Devices,” IEEE Trans. Emerg. Top. Comput., vol. 3, no. 1, pp. 107–118, mar 2015.
  • [57] Y. Meng, D. S. Wong, R. Schlegel, and L.-f. Kwok, “Touch Gestures Based Biometric Authentication Scheme for Touchscreen Mobile Phones,” in Int. Conf. Inf. Secur. Cryptol., Springer, Berlin, Heidelberg, 2013, pp. 331–350.
  • [58] N. Sae-Bae, K. Ahmed, K. Isbister, and N. Memon, “Biometric-rich gestures,” in Proc. 2012 ACM Annu. Conf. Hum. Factors Comput. Syst. - CHI ’12, New York, NY, USA: ACM Press, 2012, p. 977.
  • [59] T. Feng, Z. Liu, K.-A. Kwon, W. Shi, B. Carbunar, Y. Jiang, and N. Nguyen, “Continuous mobile authentication using touchscreen gestures,” in 2012 IEEE Conf. Technol. Homel. Secur., IEEE, nov 2012, pp. 451–456.
  • [60] E. Maiorana, P. Campisi, N. González-Carballo, and A. Neri, “Keystroke dynamics authentication for mobile phones,” in Proc. 2011 ACM Symp. Appl. Comput. - SAC ’11, New York, NY, USA: ACM Press, 2011, p. 21.
  • [61] T.-Y. Chang, C.-J. Tsai, and J.-H. Lin, “A graphical-based password keystroke dynamic authentication system for touch screen handheld mobile devices,” J. Syst. Softw., vol. 85, no. 5, pp. 1157–1165, may 2012.
  • [62] C.-J. Tasia, T.-Y. Chang, P.-C. Cheng, and J.-H. Lin, “Two novel biometric features in keystroke dynamics authentication systems for touch screen devices,” Secur. Commun. Networks, vol. 7, no. 4, pp. 750–758, apr 2014.
  • [63] G. Kambourakis, D. Damopoulos, D. Papamartzivanos, and E. Pavlidakis, “Introducing touchstroke: keystroke-based authentication system for smartphones,” Secur. Commun. Networks, vol. 9, no. 6, pp. 542–554, apr 2016.
  • [64] D.-S. Kim and K.-S. Hong, “Multimodal biometric authentication using teeth image and voice in mobile environment,” IEEE Trans. Consum. Electron., vol. 54, no. 4, pp. 1790–1797, nov 2008.
  • [65] M. Frank, R. Biedert, E. Ma, I. Martinovic, and D. Song, “Touchalytics: On the Applicability of Touchscreen Input as a Behavioral Biometric for Continuous Authentication,” IEEE Trans. Inf. Forensics Secur., vol. 8, no. 1, pp. 136–148, jan 2013.
  • [66] U. Mahbub, V. M. Patel, D. Chandra, B. Barbello, and R. Chellappa, “Partial face detection for continuous authentication,” in 2016 IEEE Int. Conf. Image Process., IEEE, sep 2016, pp. 2991–2995.
  • [67] Y. Sharaf-Dabbagh and W. Saad, “On the authentication of devices in the Internet of things,” in 2016 IEEE 17th Int. Symp. A World Wireless, Mob. Multimed. Networks, IEEE, jun 2016, pp. 1–3.
  • [68] F. R. Yu, H. Tang, V. C. M. Leung, J. Liu, and C.-H. Lung, “Biometric-based user authentication in mobile ad hoc networks,” Secur. Commun. Networks, vol. 1, no. 1, pp. 5–16, jan 2008.
  • [69] D. He, “An efficient remote user authentication and key agreement protocol for mobile client–server environment from pairings,” Ad Hoc Networks, vol. 10, no. 6, pp. 1009–1016, aug 2012.
  • [70] D. He, N. Kumar, H. Shen, and J.-H. Lee, “One-to-many authentication for access control in mobile pay-TV systems,” Sci. China Inf. Sci., vol. 59, no. 5, p. 052108, may 2016.
  • [71] S. H. Islam and M. K. Khan, “Provably secure and pairing-free identity-based handover authentication protocol for wireless mobile networks,” Int. J. Commun. Syst., vol. 29, no. 17, pp. 2442–2456, nov 2016.
  • [72] L. Wu, Y. Zhang, Y. Xie, A. Alelaiw, and J. Shen, “An Efficient and Secure Identity-Based Authentication and Key Agreement Protocol with User Anonymity for Mobile Devices,” Wirel. Pers. Commun., vol. 94, no. 4, pp. 3371–3387, jun 2017.
  • [73] S. Almuairfi, P. Veeraraghavan, and N. Chilamkurti, “A novel image-based implicit password authentication system (IPAS) for mobile and non-mobile devices,” Math. Comput. Model., vol. 58, no. 1-2, pp. 108–116, jul 2013.
  • [74] L. Shi, M. Li, S. Yu, and J. Yuan, “BANA: Body Area Network Authentication Exploiting Channel Characteristics,” IEEE J. Sel. Areas Commun., vol. 31, no. 9, pp. 1803–1816, sep 2013.
  • [75] M. De Marsico, C. Galdi, M. Nappi, and D. Riccio, “FIRME: Face and Iris Recognition for Mobile Engagement,” Image Vis. Comput., vol. 32, no. 12, pp. 1161–1172, dec 2014.
  • [76] S. F. Shahandashti, R. Safavi-Naini, and N. A. Safa, “Reconciling user privacy and implicit authentication for mobile devices,” Comput. Secur., vol. 53, pp. 215–233, sep 2015.
  • [77] M. Khamis, F. Alt, M. Hassib, E. von Zezschwitz, R. Hasholzner, and A. Bulling, “GazeTouchPass: Multimodal Authentication Using Gaze and Touch on Mobile Devices,” in Proc. 2016 CHI Conf. Ext. Abstr. Hum. Factors Comput. Syst. - CHI EA ’16, New York, NY, USA: ACM Press, 2016, pp. 2156–2164.
  • [78] M. Shahzad, A. X. Liu, and A. Samuel, “Behavior Based Human Authentication on Touch Screen Devices Using Gestures and Signatures,” IEEE Trans. Mob. Comput., vol. 16, no. 10, pp. 2726–2741, oct 2017.
  • [79] H. H. Kilinc and T. Yanik, “A Survey of SIP Authentication and Key Agreement Schemes,” IEEE Commun. Surv. Tutorials, vol. 16, no. 2, pp. 1005–1023, jan 2014.
  • [80] D. Hankerson, A. J. Menezes, and S. Vanstone, Guide to elliptic curve cryptography.   Springer Science & Business Media, 2006.
  • [81] M. A. Ferrag, L. Maglaras, A. Argyriou, D. Kosmanos, and H. Janicke, “Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes,” J. Netw. Comput. Appl., vol. 101, pp. 55–82, jan 2018.
  • [82] P. Samangouei, V. M. Patel, and R. Chellappa, “Facial attributes for active authentication on mobile devices,” Image Vis. Comput., vol. 58, pp. 181–192, feb 2017.
  • [83] Z. Sitova, J. Sedenka, Q. Yang, G. Peng, G. Zhou, P. Gasti, and K. S. Balagani, “HMOG: New Behavioral Biometric Features for Continuous Authentication of Smartphone Users,” IEEE Trans. Inf. Forensics Secur., vol. 11, no. 5, pp. 877–892, may 2016.
  • [84] L. Fridman, S. Weber, R. Greenstadt, and M. Kam, “Active Authentication on Mobile Devices via Stylometry, Application Usage, Web Browsing, and GPS Location,” IEEE Syst. J., vol. 11, no. 2, pp. 513–521, jun 2017.
  • [85] G. C. Boechat, J. C. Ferreira, and E. C. B. Carvalho Filho, “Authentication personal,” in 2007 Int. Conf. Intell. Adv. Syst., IEEE, nov 2007, pp. 254–256.
  • [86] D. Gragnaniello, C. Sansone, and L. Verdoliva, “Iris liveness detection for mobile devices based on local descriptors,” Pattern Recognit. Lett., vol. 57, pp. 81–87, may 2015.
  • [87] Z. Jia, Y. Zhang, H. Shao, Y. Lin, and J. Wang, “A Remote User Authentication Scheme Using Bilinear Pairings and ECC,” in Sixth Int. Conf. Intell. Syst. Des. Appl., vol. 2, IEEE, oct 2006, pp. 1091–1094.
  • [88] C.-L. Chen, “A secure and traceable E-DRM system based on mobile device,” Expert Syst. Appl., vol. 35, no. 3, pp. 878–886, oct 2008.
  • [89] L. Stefanko, “Android banking trojan masquerades as Flash Player and bypasses 2FA,” WeLiveSecurity (ESET), https://www.welivesecurity.com/2016/03/09/android-trojan-targets-online-banking-users/, accessed: 2018-03-11.
  • [90] “Android malware defeats two-factor authentication,” The Stack, https://thestack.com/security/2016/01/18/android-malware-defeats-two-factor-authentication/, accessed: 2018-03-11.
  • [91] “Unhackable computer under development with $3.6M DARPA grant,” University of Michigan News, http://ns.umich.edu/new/releases/25336-unhackable-computer-under-development-with-3-6m-darpa-grant, accessed: 2018-03-11.
  • [92] B. Li, R. Lu, W. Wang, and K.-K. R. Choo, “Distributed host-based collaborative detection for false data injection attacks in smart grid cyber-physical system,” J. Parallel Distrib. Comput., vol. 103, pp. 32–41, may 2017.