DOI QR코드

DOI QR Code

New OTP Authentication Approach based on Table Pattern Schedule

테이블 패턴 스케줄 기반 OTP 인증

  • Balilo, Benedicto B. Jr. (Bicol University, Legazpi City, Technological Institute of the Philippines, Quezon City, West Visyas State University) ;
  • Gerardo, Bobby D. (Bicol University, Legazpi City, Technological Institute of the Philippines, Quezon City, West Visyas State University) ;
  • Medina, Ruji P. (Bicol University, Legazpi City, Technological Institute of the Philippines, Quezon City, West Visyas State University) ;
  • Byun, Yung-Cheol (Dept. of Computer Engineering, Jeju National University)
  • Received : 2017.10.16
  • Accepted : 2017.11.14
  • Published : 2017.12.01

Abstract

This paper presents a new one-time password approach generated based on $4{\times}4$ pattern schedule. It demonstrates generation of passkey from initial seed of random codes and mapping out in table pattern schedule which will produce a new form of OTP scheme in protecting information or data. The OTP-2FA has been recognized by many organizations as a landmark to authentication techniques. OTP is the solution to the shortcomings of the traditional user name/password authentication. With the application of OTP, some have benefited already while others have had second thoughts because of some considerations like cryptographic issue. This paper presents a new method of algorithmic approach based on table schedule (grid authentication). The generation of OTP will be based on the random parameters that will be mapped out in rows and columns allowing the user to form the XY values to get the appropriate values. The algorithm will capture the values and extract the predefined characters that produce the OTP codes. This scheme can work in any information verification system to enhance the security, trust and confidence of the user.

Keywords

References

  1. QueensLand Government, "Disaster Management Phases. The State of Queenland 2010-2013," http://www.disaster.qld.gov.au dated January 6, 2017.
  2. Phil-Japan. Philippines, Japan sign agreement on disaster communication, http://www.gov.ph, 2014.
  3. Zukime, M., Junoh, M., Osman, A., Ab Halim, M.S. & Adbullah, S. "Data Security: Issues And Challenges For Disaster Management In The New Millennium," International Journal of Scientific & Technology Research 3(8), 2014.
  4. Semer, L.J., "Disaster recovery planning for the distributed environment," Internal Auditor, Vol. 55 No. 6, pp. 41-47, 1998.
  5. Javidan, R. & Pirbonyeh, M.A., "A new security algorithm for electronic payment via mobile phones," 3rd International Symposium on Applied Sciences in Biomedical and Communication Technologies, 2010.
  6. Lacona, L. J., "Lamport's one-time password algorithm. A design pattern for securing client/service interactions with OTP," http://www.javaworld.com/article/2078022/open-source-tools/lamport-s-one-time-password-algori thm-or-don-t-talk-to-complete-strangers--.html, 2017.
  7. Shally & Singh Aujla, G., "A Review of One Time Password Mobile Verification," International Journal of Computer Science Engineeringand Information Technology Research, Vol. 4, Issue 3, pp. 113-118, 2009.
  8. Fan, Y.T. and Su, G.P., "Design of two-way one-timepassword authentication scheme based on true random numbers," 2nd International Workshop on Computer Science and Engineering, vol. 1, pp. 11-14, 2009.
  9. Chen, X.J., Xu, F., et al. (n.d.). "A Practical Real-Time Authentication System with Identity Tracking Based on Mouse Dynamics," INFOCOM, pp. 121-122, 2014.
  10. El-Booz, S.A., Attiya, G., and El-Fishawy, N. (2015). "A secure cloud storage system combining Time-based One Time Password and Automatic Blocker Protocol," 11th International Computer Engineering Conference: Today Information Society What's Next?, pp. 188-194, 2016.
  11. Sudhakar, K., Srikanth, S., & Sethuraman, M., "Secured mutual authentication between two entities," IEEE 9th International Conference on Intelligent Systems and Control, DOI: 10.1109/ISCO.2015.7282338, 2015.
  12. Huang, Y., Huang, Z., Zhao, H., and Lai, X., "A new One-time Password Method," IERI, 2013.
  13. Li, Y., "Research on e-business identity authentication system based on improved one-time password," International Conference on Wireless Communications, Networking and Mobile Computing, pp.1-5, 2008.
  14. Davaanaym, B., Lee, Y.S., Lee, H, Lee, S., and Lim, H., "A Ping Pong based one-time-passwords authentication system," 5th International Joint Conference on INC, IMS, and IDC, pp. 574-579, 2009.
  15. Sediyono, E., Santoso, K. I. and Suhartono, "Secure login by using One-time Password authentication based on MD5 Hash encrypted SMS," International Conference on Advances in Computing, Communications and Informatics, pp. 1604-1608, 2013.
  16. Alghathbar, K. and Mahmoud, H.A., "Noisy password scheme: A new one time password system," Canadian Conference on Electrical and Computer Engineering, pp. 841-846, 2009.
  17. Kumar, D., Agrawal, A. & Goyal, P., International Conference on Advances in Computer Engineering and Applications. IMS Engineering College, Ghaziabad, India. 978-4673-6911-4/15, 2015.
  18. Liao, K.C., Lee, W.H., Sung, M.H., & Lin, T.C., "A one-time password scheme with QR-code based on mobile phone," International Joint Conference on INC, IMS, and IDC, pp. 2069-2071, 2009.
  19. Sodhi, B., "Using dropped call as an authentication factor," 15th IEEE International Conference on Computer and Information Technology, pp. 2031-2035, 2015.
  20. Margosis, A. "Problems of Privilege: Find and Fix LUA Bugs," Microsoft, 2006.