One-Time Password System with Infinite Nested Hash Chains

被引:0
作者
Eldefrawy, Mohamed Hamdy [1 ]
Khan, Muhammad Khurram [1 ]
Alghathbar, Khaled [1 ]
机构
[1] King Saud Univ, Ctr Excellence Informat Assurance CoEIA, Riyadh 11451, Saudi Arabia
来源
SECURITY TECHNOLOGY, DISASTER RECOVERY AND BUSINESS CONTINUITY | 2010年 / 122卷
关键词
One Time Password; Lamport Hashing; Nested Hash Chains; Authentication's Factors; AUTHENTICATION; CRYPTANALYSIS;
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Hash chains have been used as OTP generators. Lamport hashes have an intensive computation cost and a chain length restriction. A solution for signature chains addressed this by involving public key techniques, which increased the average computation cost. Although a later idea reduced the user computation by sharing it with the host, it couldn't overcome the length limitation. The scheme proposed by Chefranov to eliminate the length restriction had a deficiency in the communication cost overhead. We here present an algorithm that overcomes all of these shortcomings by involving two different nested hash chains: one dedicated to seed updating and the other used for OTP production. Our algorithm provides forward and non-restricted OTP generation. We propose a random challenge response operation mode. We analyze our proposal from the viewpoint of security and performance compared with the other algorithms.
引用
收藏
页码:161 / 170
页数:10
相关论文
共 18 条
[1]   Two Factor Authentication Using Mobile Phones [J].
Aloul, Fadi ;
Zahidi, Syed ;
El-Hajj, Wassim .
2009 IEEE/ACS INTERNATIONAL CONFERENCE ON COMPUTER SYSTEMS AND APPLICATIONS, VOLS 1 AND 2, 2009, :641-+
[2]   Infinite length hash chains and their applications [J].
Bicakci, K ;
Baykal, N .
WET ICE 2002: ELEVENTH IEEE INTERNATIONAL WORKSHOPS ON ENABLING TECHNOLOGIES: INFRASTRUCTURE FOR COLLABORATIVE ENTERPRISES, PROCEEDINGS, 2002, :57-61
[3]   One-Time Password Authentication with Infinite Hash Chains [J].
Chefranov, Alexander G. .
NOVEL ALGORITHMS AND TECHNIQUES IN TELECOMMUNICATIONS, AUTOMATION AND INDUSTRIAL ELECTRONICS, 2008, :283-286
[4]   Broadcast Authentication for Wireless Sensor Networks Using Nested Hashing and the Chinese Remainder Theorem [J].
Eldefrawy, Mohamed Hamdy ;
Khan, Muhammad Khurram ;
Alghathbar, Khaled ;
Cho, Eun-Suk .
SENSORS, 2010, 10 (09) :8683-8695
[5]   The N/R one time password system [J].
Goyal, V ;
Abraham, A ;
Sanyal, S ;
Han, SY .
ITCC 2005: International Conference on Information Technology: Coding and Computing, Vol 1, 2005, :733-738
[6]  
Haller N. M., 1994, Proceedings Internet Society Symposium on Network and Distributed System Security 1994, P151
[7]   Improving the security of 'a flexible biometrics remote user authentication scheme' [J].
Khan, Muhammad Khurram ;
Zhang, Jiashu .
COMPUTER STANDARDS & INTERFACES, 2007, 29 (01) :82-85
[8]   Cryptanalysis and Security Improvements of 'Two-Factor User Authentication in Wireless Sensor Networks' [J].
Khan, Muhammad Khurram ;
Alghathbar, Khaled .
SENSORS, 2010, 10 (03) :2450-2459
[9]   Fingerprint Biometric-based Self-Authentication and Deniable Authentication Schemes for the Electronic World [J].
Khan, Muhammad Khurram .
IETE TECHNICAL REVIEW, 2009, 26 (03) :191-195
[10]   A Design of One-Time Password Mechanism using Public Key Infrastructure [J].
Kim, Hyun-Chul ;
Lee, Hong-Woo ;
Lee, Kyung-Seok ;
Jun, Moon-Seog .
NCM 2008 : 4TH INTERNATIONAL CONFERENCE ON NETWORKED COMPUTING AND ADVANCED INFORMATION MANAGEMENT, VOL 1, PROCEEDINGS, 2008, :18-24
12