• Title/Summary/Keyword: one time password (OTP)

Search Result 128, Processing Time 0.023 seconds

Inter-Authentication which utilize One-Time Password (One-Time Password를 이용한 상호인증)

  • 강민정;강민수;신현식;김현덕;박연식
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2001.10a
    • /
    • pp.510-513
    • /
    • 2001
  • OTP(One-time Password) had been used much by method to do user certification so far. Because aspect that user certification that use OTP is efficient and economical fairly is much, it is one of method that can use easily. This treatise would apply OTP in message authentication and wishes to show that OTP is available for inter-authentication. First, examine about OTP's characteristic and overview in introduction, and explain about user certification method to use OTP in main discourse and method of message certification. And finally. wish to examine how OTP offers inter-authentication function.

  • PDF

A Digital Door Lock System Using Time- Synchronous One Time Password (시간 동기 방식의 OTP를 이용한 디지털 도어락 시스템)

  • Hwang, Hyung-Jin;Kim, Kweon-Yang;Ha, Il-Kyu
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.21 no.5
    • /
    • pp.1027-1034
    • /
    • 2017
  • Recently, OTP (One-time-Password) log-in methods have been used in many areas to prevent leakage of personal information and enhance security. The OTP method is primarily used for security of bank personal account, this is one of the sophisticated security ways in which one time password is generated and checked to enhance security. Digital door locks frequently used in everyday life require convenience and safety simultaneously. Meanwhile, related technologies for digital door locks are evolving, but methods for enhancement of security are still unsatisfactory. Generally, the digital door lock using password input type has been most commonly used and especially it provides more convenience, but it has some problems such as password exposure and password oblivion. Therefore, in this study, we propose and implement the OTP-based digital door lock system with enhanced security and convenience features but without the risk of password exposure and oblivion.

On a Enhanced Mobile OTP generator design using Transaction (이체정보를 활용한 강화된 모바일 OTP 생성기 설계)

  • Park, Beum-Su;Cho, Sang-Il;Kim, Tae-Yong;Lee, Hoon-Jae
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2010.10a
    • /
    • pp.227-228
    • /
    • 2010
  • Generated One-Time Password (OTP) is used only once. This attributes is to safety than to repeated use the same password. Recently, Park's proposed on "Design of A One-time Password Generator on A Mobile Phone Providing An Additional Authentication for A Particular Transaction" use challenge-response based one-time password generator. However, Challenge exchange problem and currently OTP the same security level. In this paper, Park's proposed OTP generator design for us analysis. And then presents a resolution to the problem and new system logic. New system strong to Man-In-Middle attack and replay attack. In addition, OTP security level is higher.

  • PDF

HB+ protocol-based Smart OTP Authentication (HB+ 프로토콜 기반의 스마트 OTP 인증)

  • Shin, Ji Sun
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.25 no.5
    • /
    • pp.993-999
    • /
    • 2015
  • OTP(One time password) is widely used as an authentication method for financial and other security-sensitive transactions. OTP provides strong security since each password is used only one time while normal password-based authentications use passwords as long term secrets. However, OTP-based authentications relatively lack usability since they require users to hold an OTP card or generator. To overcome such a problem, smartphones start replacing OTP cards and such a method is called smart OTP. However, smart OTP inherits security vulnerabilities that smartphones have. In this paper, we propose a smart OTP authentication based on an extremely light authentication protocol called HB+. HB+ protocol is developed for low-cost devices and has small communication and computation costs. We present our solution and discuss its security, efficiency and practicality. Our contribution is providing a method to securely use smart OTP without losing its efficiency and usability.

OTP Authentication Protocol Using Stream Cipher with Clock-Counter (클럭 카운트를 이용한 스트림 암호의 OTP 인증 프로토콜)

  • Cho, Sang-Il;Lee, Hoon-Jae;Lee, Sang-Gon;Lim, Hyo-Taek
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.13 no.10
    • /
    • pp.2113-2120
    • /
    • 2009
  • User authentication has been one of the most important part of the network system. OTP(One-Time Password) has been developed and applied to the existing authentication system. OTP makes a different password and abrogates used password each time when user is authenticated by the server. Those systems prevent stolen-key-problems which is caused by using the same key every log-in trial. Yet, OTP still has vulnerabilities. In this paper, an advanced protocol which is using clock-count method to apply a stream cipher algorithm to OTP protocols and to solve problems of existing OTP protocols is proposed.

One-Handled The Mobile One-Time Password Scheme (단일 제어 모바일 일회용 패스워드 기법)

  • Choi, Jong-Seok;Kim, Ho-Won
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.37 no.6C
    • /
    • pp.497-501
    • /
    • 2012
  • While increasing online services with developing e-businesses, finance, game companies and others have employed OTP(One-Time Password) to overcome vulnerabilities of static passwords. Existing OTP technology has inconvenience that customers always possess reserved token since requiring the token to generate OTP. In order to supplement the issue we propose mobile OTP generated by mobile devices such as smart phones. Our mobile OTP scheme generates OTP by using a non-linear function based on pairing to eject the collision problem of S/Key scheme universally used to design OTP schemes. Our scheme based on a non-linear function over pairing can complements the collision problem and widely applied to finance and various services to increase security level of the services.

An Extension of Firmware-based LFSR One-Time Password Generators

  • HoonJae Lee;ByungGook Lee
    • International journal of advanced smart convergence
    • /
    • v.13 no.2
    • /
    • pp.35-43
    • /
    • 2024
  • In this paper, we propose two 127-bit LFSR (Linear Feedback Shift Register)-based OTP (One-Time Password) generators. One is a 9-digit decimal OTP generator with thirty taps, while the other is a 12-digit OTP generator with forty taps. The 9-digit OTP generator includes only the positions of Fibonacci numbers to enhance randomness, whereas the 12-digit OTP generator includes the positions of prime numbers and odd numbers. Both proposed OTP generators are implemented on an Arduino module, and randomness evaluations indicate that the generators perform well across six criteria and are straightforward to implement with Arduino.

Design of One-Time-Pad based on PKI Coordinates Technique for a Safe Key Transmission in E-Commerce Applications (전자상거래 응용에서 안전한 키 전송을 위한 PKI 좌표기법 One-Time-Pad의 설계)

  • Lee, Kil-Hun;Jun, Moon-Seok;Choi, Do-Hyeon
    • The Journal of the Institute of Internet, Broadcasting and Communication
    • /
    • v.15 no.5
    • /
    • pp.51-60
    • /
    • 2015
  • As electronic commerce service became more popular, information equivalent to currency prevails in network. Accordingly, hacking into network often occurs and thus OTP (One-Time-Password) has emerged as an alternative secondary security system. However, weakness has been found in even existing One-Time Password that used to be considered 'perfect'. Therefore, it becomes very urgent to have an additional security countermeasure. As security recommendation is not considered as solution anymore, more specific plan becomes necessary. The present study proposes PKI coordinates technique-based OTP (One-Time-Pad) for a safe key transmission in E-commerce.

Secure FTP Technique with TLS and OTP (TLS와 OTP를 이용한 보안 FTP 기법)

  • Kim, Eui-jeong;Seo, Tae-ho
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2019.05a
    • /
    • pp.197-200
    • /
    • 2019
  • File Transfer Protocol (FTP) is a protocol for transferring files between computers, FTPS with TLS, and SFTP based on similar SSH. The keynote to apply one-time password (OTP) has been diffused to resolve identity and password theft cases. In this paper, it has been confirmed that both data transmission and identity authentication using OTP at TLS level are possible without significant change in user client.

  • PDF

OTP Authentication Protocol using PingPong-128 (PingPong-128을 이용한 OTP 인증 프로토콜)

  • Lee, Jang-Chun;Lee, Hoon-Jae;Lim, Hyo-Taek;Lee, Sang-Gon
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.12 no.4
    • /
    • pp.661-669
    • /
    • 2008
  • Nowadays, authentication is essential to identify the legal users in a network communication. Usually, there are few wars to achieve authentication over a publicly accessible network system in order to protect certain private data from the unauthorized users, ranging from simple ID/Password to Biometrics System. One of the most active areas in OTP(One Time Password) research today aims at exploiting OTP to provide authentication in the finance and security industry. OTP is usually discarded once it has been used. this prevents huge loophole of traditional authentication system which employs the same ID and Password every time. However this OTP system also has its weaknesses in surviving some attacks. this paper proposes an advanced OTP protocol using PingPong-128 without loop hole of pre-existing OTP.