COMPUTER SCIENCE
and ENGINEERING

To avoid privacy breach in mobile identity authentication based on SMS, this paper proposes a scheme of data separation that separates telephone number from server of service provider and stores it on trusted third-party server. This scheme details the constitution of TTPS, the master function of every part and the communication of TTPS with other servers. We propose a way of dynamic key delivery by encrypting SMVC by SK to avoid the collusion of SSP and SMS Platform and a method of SSP granting its access to SMS Platform to TTPS. Finally we analyze the performance of scheme from the aspects of system security and time efficiency and prove it valid.

Privacy protection, Mobile identity authentication, SMS, Dynamic secret key, Data separation, Trust thirty party.Text