For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
The Improved One-Time Password Algorithm Using Time
Joonggil PARK Bongjoo PARK Jongyoul PARK Jae-cheol RYOU
IEICE TRANSACTIONS on Information and Systems
Publication Date: 2002/12/01
Print ISSN: 0916-8532
Type of Manuscript: LETTER
Category: Applications of Information Security Techniques
authentication, one-time password, time-slippage,
Full Text: PDF(461.3KB)>>
Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.