How to construct random functions
Journal of the ACM (JACM)
ACM Transactions on Computer Systems (TOCS)
Password authentication with insecure communication
Communications of the ACM
Handbook of Applied Cryptography
Handbook of Applied Cryptography
The Logic of Authentication Protocols
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
An Efficient Identification Scheme Based on Permuted Kernels (Extended Abstract)
CRYPTO '89 Proceedings of the 9th Annual International Cryptology Conference on Advances in Cryptology
A password authentication scheme over insecure networks
Journal of Computer and System Sciences
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Password strength: an empirical analysis
INFOCOM'10 Proceedings of the 29th conference on Information communications
Password Entropy and Password Quality
NSS '10 Proceedings of the 2010 Fourth International Conference on Network and System Security
Robust one-time password authentication scheme using smart card for home network environment
Computer Communications
On the security of a two-factor authentication scheme
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Provably secure three party encrypted key exchange scheme with explicit authentication
Information Sciences: an International Journal
Hi-index | 0.00 |
This paper proposes a novel one-time password (OTP) mutual authentication scheme based on challenge/response mechanisms. In the scheme, random sub-passwords and corresponding hashes are shared between a user and a server, respectively. By performing modular algebraic operations on two or more randomly chosen sub-passwords, relatively independent OTPs can be produced in the scheme. The used sub-passwords are renewed according to random permutation functions. With tens of random sub-passwords, we can get enough OTPs that can meet the practical needs. The stores and calculations can be implemented with a microcomputer in the user@?s terminal. At the same time, the scheme can provide sufficient security in ordinary applications.