Token Based Authentication Method Using Bluetooth Enabled Mobile Phone

Authentication is a mechanism to establish proof of identities; it ensures the right identification of a particular user or a particular system or device. Authentication is the first step in any cryptography solution, because unless the device knows who is using it, there is no point in encrypting device's contents. Current PC, laptop user authentication systems are always done once and held until it is explicitly revoked by the user, or frequently asking the user to reestablish his identity which encourages him to disable the authentication. In this thesis we propose a new model of authentication for laptop devices using a Bluetooth-enabled mobile phone. In this model the Bluetooth-enabled mobile phone works as an authentication token that provides the authentication for laptop over a Bluetooth short-range wireless link. The user doesn't need to authenticate frequently. Instead, the mobile phone continuously authenticate with the laptop by means of the shortrange wireless link. This model ensures that a non-legitimate user's mobile phone cannot provide authentication services to other user's laptops, and it uses an authenticated and encrypted Bluetooth wireless link to ensure that there is no eavesdropping, modification, and insertion of messages traveled over the link.