Secure Mobile Authentication With Blockchain

Secure Mobile Authentication With Blockchain | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Research Article Secure Mobile Authentication With Blockchain Naim Ajlouni, Vedat COSKUN, Busra OZDENIZCI KOSE This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-5258668/v1 This work is licensed under a CC BY 4.0 License Status: Posted Version 1 posted You are reading this latest preprint version Abstract The increasing reliance on smartphones for sensitive transactions has underscored the urgent need for robust authentication methods in mobile applications, especially in sectors such as finance and legal services. Traditional authentication mechanisms frequently fail to meet high-security standards due to inadequate integration of advanced biometric credentials. This paper presents a Blockchain-based Three-Factor Authentication (BC-3FA) system that enhances mobile security by integrating PIN/passwords, one-time passwords (OTPs), and biometric data through advanced cryptographic techniques, including Elliptic Curve Cryptography (ECC), Zero-Knowledge Proofs (ZKPs), and Post-Quantum Cryptography. By employing Distributed Ledger Technology (DLT) for the secure storage of encrypted user credentials, the BC-3FA system not only improves security but also safeguards user privacy. The model addresses the key elements of knowledge, possession, and inherent user traits, significantly strengthening user authentication. A thorough complexity analysis indicates that ECC is optimal for mobile environments due to its low computational overhead, while the shuffling mechanism operates with a complexity of O ( n log n ), making it feasible for mobile devices. Additionally, NIZKs and Bulletproofs ensure efficient ZKP processes, and while Post-Quantum ZKPs offer necessary future-proofing against quantum threats, they may require further optimization for practical use on mobile platforms. The implementation of the BC-3FA model demonstrates its effectiveness and reliability in enhancing mobile service security through comprehensive testing and validation in real-world scenarios. This study provides a comparative analysis with existing solutions and identifies avenues for future improvements, establishing the BC-3FA model as a robust and innovative approach to contemporary authentication challenges in the digital landscape. Theoretical Computer Science BC Multi Factor Authentication MFA Mobile Services Mobile Security ECC ZKPs Post-Quantum Cryptography User Privacy Full Text Additional Declarations The authors declare no competing interests. Cite Share Download PDF Status: Posted Version 1 posted You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-5258668","acceptedTermsAndConditions":true,"allowDirectSubmit":true,"archivedVersions":[],"articleType":"Research Article","associatedPublications":[],"authors":[{"id":365629741,"identity":"13744b84-353e-4ba9-a129-481bd9a94a81","order_by":0,"name":"Naim Ajlouni","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAABA0lEQVRIiWNgGAWjYFACxgYgwSYDYh74wMAAZjDwEKEFrObgDAYDHpgWCUJ2gVUy8xCjxZz9cOsGhho+Hn6J3IOHbWr+8PD3H2B88LaNoc68AbsWy57EthsMx9h4JGfkJRzOOWbAI3EjgdlwbhuDhMwB7FoMDoC0sLHxGNzIMTicwwZ0GJArzQvUgstlBucfArX8g2qx+GfAI3/+APtvvFpuAG1hbINqYWwz4DE4kMDGjF8L0JbEPqBfet4YHOztM+YxvJHYLDnnnITkDJwOS39248O3Y3L87DnGH358k5OTO3/44Ic3ZTb8eCMmgeEYMhccuQRjsoaQglEwCkbBKBjJAADMhVTIwBMyYQAAAABJRU5ErkJggg==","orcid":"https://orcid.org/0000-0002-5116-8933","institution":"Istanbul Atlas University","correspondingAuthor":true,"prefix":"","firstName":"Naim","middleName":"","lastName":"Ajlouni","suffix":""},{"id":365629742,"identity":"533f47a2-24af-4a57-b7a8-a5bf93440fc2","order_by":1,"name":"Vedat COSKUN","email":"","orcid":"https://orcid.org/0000-0003-3052-9821","institution":"Istanbul Atlas University","correspondingAuthor":false,"prefix":"","firstName":"Vedat","middleName":"","lastName":"COSKUN","suffix":""},{"id":365629743,"identity":"eab5c843-7a2e-46a8-af14-3ff00398feb6","order_by":2,"name":"Busra OZDENIZCI KOSE","email":"","orcid":"https://orcid.org/0000-0002-8414-5252","institution":"Gebze Technical University","correspondingAuthor":false,"prefix":"","firstName":"Busra","middleName":"OZDENIZCI","lastName":"KOSE","suffix":""}],"badges":[],"createdAt":"2024-10-14 06:50:48","currentVersionCode":1,"declarations":{"humanSubjects":false,"vertebrateSubjects":true,"conflictsOfInterestStatement":false,"humanSubjectEthicalGuidelines":false,"humanSubjectConsent":false,"humanSubjectClinicalTrial":false,"humanSubjectCaseReport":false,"vertebrateSubjectEthicalGuidelines":true},"doi":"10.21203/rs.3.rs-5258668/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-5258668/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":66727517,"identity":"8b9f90eb-5c12-4725-9a79-dbd39d9ebb06","added_by":"auto","created_at":"2024-10-16 02:33:16","extension":"pdf","order_by":1,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":831833,"visible":true,"origin":"","legend":"","description":"","filename":"SECUREMOBILEAUTHENTICATIONWITHBLOCKCHAINUTILLIZINGECCZKPSANDPOSTQUANTUMCRYPTOGRAPHY.pdf","url":"https://assets-eu.researchsquare.com/files/rs-5258668/v1_covered_e4858048-452b-409a-8162-1d757145e98b.pdf"}],"financialInterests":"The authors declare no competing interests.","formattedTitle":"\u003cp\u003eSecure Mobile Authentication With Blockchain\u003c/p\u003e","fulltext":[],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":false,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":true,"hideJournal":true,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":true,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":true,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true},"keywords":"BC, Multi Factor Authentication, MFA, Mobile Services, Mobile Security, ECC, ZKPs, Post-Quantum Cryptography, User Privacy","lastPublishedDoi":"10.21203/rs.3.rs-5258668/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-5258668/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eThe increasing reliance on smartphones for sensitive transactions has underscored the urgent need for robust authentication methods in mobile applications, especially in sectors such as finance and legal services. Traditional authentication mechanisms frequently fail to meet high-security standards due to inadequate integration of advanced biometric credentials. This paper presents a Blockchain-based Three-Factor Authentication (BC-3FA) system that enhances mobile security by integrating PIN/passwords, one-time passwords (OTPs), and biometric data through advanced cryptographic techniques, including Elliptic Curve Cryptography (ECC), Zero-Knowledge Proofs (ZKPs), and Post-Quantum Cryptography. By employing Distributed Ledger Technology (DLT) for the secure storage of encrypted user credentials, the BC-3FA system not only improves security but also safeguards user privacy. The model addresses the key elements of knowledge, possession, and inherent user traits, significantly strengthening user authentication. A thorough complexity analysis indicates that ECC is optimal for mobile environments due to its low computational overhead, while the shuffling mechanism operates with a complexity of \u003cem\u003eO\u003c/em\u003e(\u003cem\u003en log n\u003c/em\u003e), making it feasible for mobile devices. Additionally, NIZKs and Bulletproofs ensure efficient ZKP processes, and while Post-Quantum ZKPs offer necessary future-proofing against quantum threats, they may require further optimization for practical use on mobile platforms. The implementation of the BC-3FA model demonstrates its effectiveness and reliability in enhancing mobile service security through comprehensive testing and validation in real-world scenarios. This study provides a comparative analysis with existing solutions and identifies avenues for future improvements, establishing the BC-3FA model as a robust and innovative approach to contemporary authentication challenges in the digital landscape.\u003c/p\u003e","manuscriptTitle":"Secure Mobile Authentication With Blockchain","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2024-10-16 02:25:08","doi":"10.21203/rs.3.rs-5258668/v1","editorialEvents":[{"type":"communityComments","content":0}],"status":"published","journal":{"display":true,"email":"[email protected]","identity":"researchsquare","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":true,"externalIdentity":"","sideBox":"","snPcode":"","submissionUrl":"/submission","title":"Research Square","twitterHandle":"researchsquare","acdcEnabled":true,"dfaEnabled":false,"editorialSystem":"","reportingPortfolio":"","inReviewEnabled":false,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"be77ce77-5bef-452b-bd96-a20b94708e8e","owner":[],"postedDate":"October 16th, 2024","published":true,"recentEditorialEvents":[],"rejectedJournal":[],"revision":"","amendment":"","status":"posted","subjectAreas":[{"id":38997168,"name":"Theoretical Computer Science"}],"tags":[],"updatedAt":"2024-10-16T02:25:08+00:00","versionOfRecord":[],"versionCreatedAt":"2024-10-16 02:25:08","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-5258668","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-5258668","identity":"rs-5258668","version":["v1"]},"buildId":"8U1c8b4HqxoKbykW_rLl7","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}