Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Joonggil PARK, Bongjoo PARK, Jongyoul PARK, Jae-cheol RYOU, "The Improved One-Time Password Algorithm Using Time" in IEICE TRANSACTIONS on Information,
vol. E85-D, no. 12, pp. 1962-1966, December 2002, doi: .
Abstract: Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.
URL: https://global.ieice.org/en_transactions/information/10.1587/e85-d_12_1962/_p
Copy
@ARTICLE{e85-d_12_1962,
author={Joonggil PARK, Bongjoo PARK, Jongyoul PARK, Jae-cheol RYOU, },
journal={IEICE TRANSACTIONS on Information},
title={The Improved One-Time Password Algorithm Using Time},
year={2002},
volume={E85-D},
number={12},
pages={1962-1966},
abstract={Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.},
keywords={},
doi={},
ISSN={},
month={December},}
Copy
TY - JOUR
TI - The Improved One-Time Password Algorithm Using Time
T2 - IEICE TRANSACTIONS on Information
SP - 1962
EP - 1966
AU - Joonggil PARK
AU - Bongjoo PARK
AU - Jongyoul PARK
AU - Jae-cheol RYOU
PY - 2002
DO -
JO - IEICE TRANSACTIONS on Information
SN -
VL - E85-D
IS - 12
JA - IEICE TRANSACTIONS on Information
Y1 - December 2002
AB - Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.
ER -