A Scalable Transitive Human-Verifiable Authentication Protocol for Mobile Devices

The man-in-the-middle (MITM) attack is the major threat for handheld devices to agree on a session key in which they do not share any prior secret in advance, even if these devices are physically located in the same place. Apart from insecurely typing passwords into handheld devices or comparing long hexadecimal keys displayed on the devices´ screens, many other human-verifiable protocols have been proposed in the literature to solve the problem. Unfortunately, most of these schemes are unscalable to more users. Even when there are only three entities attempting to agree on a session key, these protocols need to be rerun three times. In this paper, we present a bipartite and a tripartite authentication protocol using a temporary confidential channel. Besides, we further extend the system into a transitive authentication protocol that allows multiple handheld devices to establish a conference key securely and efficiently. In addition, we provide a formal proof to our protocol to demonstrate our scheme is indeed secure. We also implement the prototype of the system on a mobile phone with satisfying performance.