Authentication and integrity are the prerequisites for trustworthy and secure communication. Without unambiguous knowledge of who is being interacted with, no confidential content can be exchanged, no (remote) access to systems and equipment can be granted, and no trust can be established. This situation is further exacerbated by an increasing interconnection and globalization towards a hyperconnected world. (Communication) Participants are no longer necessarily in close physical and social proximity and do not need to know each other, but can have their source/destination anywhere in the world.
 An authentication process is used to verify that someone -whether human or machine-, is in fact who she claims to be: The process thus includes a validation step to evaluate an assertion. However, systems differ in terms of their requirements, for instance with regard to the authentication options available, the time period required for re-authentication and the frequency of re-authentication, as well as the level of security to be achieved with authentication. The latter particularly with regard to the cost/benefit ratio of the application. Additionally, there are efforts to finally abolish traditional passwords, passphrases and pin codes and render them obsolete.
 In this work, technologies and methods for authentication beyond passwords and trustworthy authentication will be examined, particularly with regard to future communication infrastructures such as Beyond 5G and Sixth Generation (6G) wireless systems. Thereby, the impact of Artificial Intelligence (AI) methods, but also the relevance to Quantum Key Distribution (QKD) and Post Quantum Cryptography, as well as the use of 6G-enabling technologies like Reconfigurable Intelligent Surfaces (RISs), Wireless Optical Communication (WOC) and Physical Layer Security (PhySec), for example as additional factors of a multi-factor authentication process, will be considered, along with Body Area Networks (BANs) and the integration of the human body relying on biometrics. The various concepts are compared with regard to their requirements, limitations and possible applications in order to provide the user with an orientation as to which authentication method is conceivable and useful in which specific scenarios.
Read full abstract