Secure System Logon Based on IBC and Mobile Terminal

摘要

Password-based authentication is widely used due to its simplicity but it is not secure. Systems with high security requirements often employ public key infrastructure (PKI) technology, but PKI is complex and requires users to perform certificate related operations manually. Furthermore, it requires portable cryptographic hardware devices such USB keys to secure the users' private keys and to perform the cryptographic operations. This imposes additional costs on the users, and these devices may not work in some cases such as when the USB ports of a computer are sealed or removed due to security consideration. To address these issues, we propose a secure system logon approach based on identity based cryptography (IBC) and mobile terminal, with three different schemes, and analyze the advantages of the proposed schemes. The approach presented is promising.