Todays small devices get more and more the possibility to communicate. This makes it more and more important to think about security problems. One part of secure communication is the authentication of the communication partner. The communication partners have to prove to each other that they are who they pretend to be.
In this work we compared several authentication protocols to evaluate their suitability for usage on small devices. We chose four examples which cover the four main categories of authentication protocols: password-, public-key, secret-key, and zero-knowledge authentication. In a first step we analyzed them regarding to the number of exchanged messages and their computational complexity. In a second step two of the protocols were implemented for a Nokia 6610 mobile phone with Java MIDlets as small Device. The counterpart on the server side was realized using Java Servlets. We measured the times the protocols needed to accomplish their task. The results of those two steps were compared.
We concluded that the number of exchanged messages and in particular the communication latency had a more significant influence on the results than the computational complexity of the protocols.
Available as PDF (271 kB, no cover) and PDF (1.25 MB, no cover)
Download BibTeX entry.