FIDO based Password Less Authentication System for E-Bikes
DOI:
https://doi.org/10.21467/proceedings.7.6.8Keywords:
Electric bikes, Fast Identity Online (FIDO), Password-less authenticationAbstract
Recently, E-Bikes (electric bikes) are widely used in the market. The method of user authentication is crucial for electrical bikes. Once the user has successfully completed the authentication process to confirm their login, they can use the bike. Despite the availability of numerous authentication systems, ID/PW authentication remains popular due to its low cost and convenience. However, users who employ ID/PW techniques are not very secure. The passwords can be cracked by the illegitimate people and they can use the electric bikes. As a result, we provide a FIDO-based password-less authentication system for securing electric bikes. It ensures strong and secure hardware-based authentication and resists various attacks related to traditional password authentication systems. The proposed mechanism ensured greater security for utilizing electric bikes effectively by using an application that enabled a hardware security key for login, which stored the passkey and was used at the time of login without requiring any password. In addition, the proposed authentication protocol is validated using AVISPA tool by feeding input in the format of HLPSL and obtained result as SAFE which implies that the proposed authentication protocol is highly secure against the vulnerable attacks like phishing, MITM and replay attacks.
References
[1] Anna Angelogianni, Ilias Politis, and Christos Xenakis. 2024. How many FIDO protocols are needed? Analyzing the technology, security, and compliance. ACM Comput. Surv. 56, 8, Article 214 (August 2024), 51 pages. https://doi.org/10.1145/3654661
[2] Wenxuan Xu, Zejun Yan, Qijun Zhang, and Weifa Zheng. 2024. Research on FIDO Authentication Based on IPv6. In Proceedings of the 2023 International Conference on Artificial Intelligence, Systems and Network Security (AISNS 23). Association for Computing Machinery, New York, NY, USA, 448–451.https://doi.org/10.1145/3661638.3661723
[3] Parmar, Viral, et al. "A comprehensive study on password less authentication." 2022 International Conference on Sustainable Computing and Data Communication Systems (ICSCDS). IEEE, 2022.
[4] H. Kim, D. Lee and J. Ryou, "User Authentication Method using FIDO based Password Management for Smart Energy Environment," 2020 International Conference on Data Mining Workshops (ICDMW), Sorrento, Italy, 2020, pp. 707-710
[5] Chadwick, David W., et al. "Improved identity management with verifiable credentials and fido." IEEE Communications Standards Magazine 3.4 (2019): 14-20.
[6] Das, Sanchari, et al. "A qualitative study on usability and acceptability of Yubico security key." Proceedings of the 7th workshop on socio- technical aspects in security and trust. 2018.
[7] Simon D. Fink, Lukasz Golab, S. Keshav, and Hermann de Meer. 2017. How Similar is the Usage of Electric Cars and Electric Bicycles? In Proceedings of the Eighth International Conference on Future Energy Systems (e-Energy '17). Association for Computing Machinery, New York, NY, USA, 334–340. https://doi.org/10.1145/3077839.3078464
[8] M. Morii et al., "Research on Integrated Authentication Using Passwordless Authentication Method," 2017 IEEE 41st Annual Computer Software and Applications Conference (COMPSAC), Turin, Italy, 2017, pp. 682-685
[9] Hu, Kexin, and Zhenfeng Zhang. "Security analysis of an attractive online authentication standard: FIDO UAF protocol." China Communications 13.12 (2016): 189-198.
[10] Künnemann, Robert, and Graham Steel. "YubiSecure? Formal security analysis results for the Yubikey and YubiHSM." Security and Trust Management: 8th International Workshop, STM 2012, Pisa, Italy, September 13-14, 2012, Revised Selected Papers 8. Springer Berlin Heidelberg, 2013.
Downloads
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
