Authentication Protocols Based on One-Time Passwords

被引:0
|
作者
Babkin, Sergey [1 ]
Epishkina, Anna [1 ]
机构
[1] Natl Res Nucl Univ MEPhI, Cryptol & Cybersecur Dept, Moscow, Russia
来源
PROCEEDINGS OF THE 2019 IEEE CONFERENCE OF RUSSIAN YOUNG RESEARCHERS IN ELECTRICAL AND ELECTRONIC ENGINEERING (EICONRUS) | 2019年
关键词
authentication; two-factor authentication; one-time password; protocol; vulnerability; information security;
D O I
10.1109/eiconrus.2019.8656839
中图分类号
TM [电工技术]; TN [电子技术、通信技术];
学科分类号
0808 ; 0809 ;
摘要
Nowadays one-time passwords are used in a lot of areas of information technologies including e-commerce. A few vulnerabilities in authentication protocols based on one-time passwords are widely known. In current work, we analyze authentication protocols based on one-time passwords and their vulnerabilities. Both simple and complicated protocols which are implementing cryptographic algorithms are reviewed. For example, an analysis of relatively old Lamport's hash-chain protocol is provided. At the same time, we examine HOTP and TOTP protocols which are actively used nowadays. The main result of the work are conclusions about the security of reviewed protocols based on one-time passwords.
引用
收藏
页码:1794 / 1798
页数:5
相关论文
共 50 条
  • [1] One-Time Passwords: A Literary Review of Different Protocols and Their Applications
    Almeida, Luis E.
    Fernandez, Brayan A.
    Zambrano, Daliana
    Almachi, Anthony I.
    Pillajo, Hilton B.
    Yoo, Sang Guun
    [J]. ADVANCED RESEARCH IN TECHNOLOGIES, INFORMATION, INNOVATION AND SUSTAINABILITY, PT 2, ARTIIS 2023, 2024, 1936 : 205 - 219
  • [2] Independent one-time passwords
    Rubin, AD
    [J]. COMPUTING SYSTEMS, 1996, 9 (01): : 15 - 27
  • [3] Dynamic Group Time-Based One-Time Passwords
    Cao, Xuelian
    Yang, Zheng
    Ning, Jianting
    Jin, Chenglu
    Lu, Rongxing
    Liu, Zhiming
    Zhou, Jianying
    [J]. IEEE TRANSACTIONS ON INFORMATION FORENSICS AND SECURITY, 2024, 19 : 4897 - 4913
  • [4] Response: Independent one-time passwords
    Rubin, AD
    [J]. COMPUTING SYSTEMS, 1996, 9 (03): : 257 - 257
  • [5] One-time passwords: Security analysis using BAN logic and integrating with smartcard authentication
    Bicakci, K
    Baykal, N
    [J]. COMPUTER AND INFORMATION SCIENCES - ISCIS 2003, 2003, 2869 : 794 - 801
  • [6] Mobile one-time passwords: two-factor authentication using mobile phones
    Eldefrawy, Mohamed Hamdy
    Khan, Muhammad Khurram
    Alghathbar, Khaled
    Kim, Tai-Hoon
    Elkamchouchi, Hassan
    [J]. SECURITY AND COMMUNICATION NETWORKS, 2012, 5 (05) : 508 - 516
  • [7] Covert Channels in One-Time Passwords Based on Hash Chains
    Keller, Jorg
    Wendzel, Steffen
    [J]. EUROPEAN INTERDISCIPLINARY CYBERSECURITY - EICC 2020, 2020,
  • [8] One-Time Passwords: Resistance to Masquerade Attack
    Babkin, Sergey
    Epishkina, Anna
    [J]. POSTPROCEEDINGS OF THE 9TH ANNUAL INTERNATIONAL CONFERENCE ON BIOLOGICALLY INSPIRED COGNITIVE ARCHITECTURES (BICA 2018), 2018, 145 : 199 - 203
  • [9] Controversy rejoinder: Independent one-time passwords
    Adams, J
    [J]. COMPUTING SYSTEMS, 1996, 9 (03): : 255 - 256
  • [10] Demo: Human-Computable One-Time Passwords
    Matelski, Slawomir
    [J]. 2022 IEEE/ACM 7TH SYMPOSIUM ON EDGE COMPUTING (SEC 2022), 2022, : 289 - 290
12345