Summary
|
For Full-Text PDF, please login, if you are a member of IEICE, or go to Pay Per View on menu list, if you are a nonmember of IEICE. |
|
A Secure One-Time Password Authentication Scheme Using Smart Cards Tzu-Chang YEH Hsiao-Yun SHEN Jing-Jang HWANG Publication IEICE TRANSACTIONS on Communications Vol.E85-B No.11 pp.2515-2518 Publication Date: 2002/11/01 Online ISSN: DOI: Print ISSN: 0916-8516 Type of Manuscript: LETTER Category: Fundamental Theories Keyword: authentication, one-time password, smart card, replay attack, off-line dictionary attack, Full Text: PDF>>
Summary: Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities. | |||||
|
