Mobile device authentication has been a highly active research topic for over 10 years, with a vast range of methods having been proposed and analyzed. In related areas such as secure channel protocols, remote authentication, or desktop user authentication, strong, systematic, and increasingly formal threat models have already been established and are used to qualitatively and quantitatively compare different methods. Unfortunately, the analysis of mobile device authentication is often based on weak adversary models, suggesting overly optimistic results on their respective security. In this article, we first introduce a new classification of adversaries to better analyze and compare mobile device authentication methods. We then apply this classification to a systematic literature survey. The survey shows that security is still an afterthought and that most proposed protocols lack a comprehensive security analysis. Our proposed classification of adversaries provides a strong uniform adversary model that can offer a comparable and transparent classification of security properties in mobile device authentication methods.

中文翻译：

---

移动设备身份验证的对抗模型

十多年来，移动设备身份验证一直是一个非常活跃的研究课题，已经提出和分析了大量方法。在安全通道协议、远程身份验证或桌面用户身份验证等相关领域，已经建立了强大、系统且越来越正式的威胁模型，并用于定性和定量比较不同的方法。不幸的是，对移动设备身份验证的分析通常基于弱对手模型，这表明它们各自的安全性结果过于乐观。在本文中，我们首先介绍一种新的攻击者分类，以更好地分析和比较移动设备身份验证方法。然后，我们将此分类应用于系统的文献调查。调查表明，安全仍然是事后的想法，大多数提议的协议都缺乏全面的安全分析。我们提出的对手分类提供了一个强大的统一对手模型，可以在移动设备身份验证方法中提供可比较和透明的安全属性分类。