Improving the security and flexibility of one-time passwords by signature chains
Yıl: 2003 Cilt: 11 Sayı: 3 Sayfa Aralığı: 223 - 236 Metin Dili: İngilizce İndeks Tarihi: 29-07-2022
Improving the security and flexibility of one-time passwords by signature chains
Öz: While the classical attack of ``monitor the network and intercept the password'' can be avoided by advanced protocols like SSH, one-time passwords are still considered a viable alternative or a supplement for software authentica since they are the only ones that safeguard against attacks on insecure client machines. In this paper by using public-key techniques we present a method called signature chain alternative to Lamport's hash chain to improve security and flexibility of one-time passwords. Our proposition improves the security because first, like other public-key authentication protocols, the server and the user do not share a secret, thereby eliminating attacks on the server side. Second, from any incorrectly revealed one-time password, unspent passwords cannot be calculated if a signature chain is preferred. Having an infinite length, the chain in our proposition is more flexible and facilitates using the protocol without the complexity of restarting. On the other hand, the disadvantage of signature chain is the longer verification time with respect to hash chain based approaches.
Anahtar Kelime: Konular:
Belge Türü: Makale Makale Türü: Araştırma Makalesi Erişim Türü: Erişime Açık
- [1] R. Anderson, Security Engineering: a guide to building dependable distributed systems, Wiley Computer Publishing, 2001.
- [2] Bruce Schneier, Secrets and Lies: digital security in a networked world, Wiley Computer Publishing, 2000.
- [3] R. Anderson, M. Kuhn: Tamper Resistance - a Cautionary Note, the Second USENIX Workshop on Electronic Commerce Proceedings, Oakland, November 1996.
- [4] T. Ylonen. SSH - Secure login connections over the Internet, In Proc. of 6th USENIX Security Symposium, July 1996.
- [5] A. Menezes, P. Van Oorshot, S. Vanstone, Handbook of applied cryptography, CRC Press, 1996.
- [6] L. Lamport, Password authentication with insecure communication, Communications of the ACM, 24(11),November 1981.
- [7] N. Haller, The S/Key One-Time Password System, Proceedings of the Symposium on Network & Distributed Systems Security, Internet Society, San Diego, CA, February 1994.
- [8] D.L. McDonald, R.J. Atkinson, C. Metz "One-Time Passwords in Everything (OPIE): Experiences with Building and Using Strong Authentication," In Proc. of the 5th USENIX UNIX Security Symposium, June 1995.
- [9] D. de Waleffe, J.J. Quisquater: Better login protocols for computer networks. In Proc. of ESORICS, France,October 1990.
- [10] A.D. Rubin, Independent One-Time Passwords, USENIX Journal of Computer Systems, February 1996.
- [11] M. Kuhn, A One Time Password Login Capability, http://www.cl.cam.ac.uk/~mgk25/otpw.html
- [12] K. Bicakci, N. Baykal, Infinite Length Hash Chains and Their Applications, Proc. of IEEE 11t h International Workshops on Enabling Technologies (WETICE 2002), June 2002, Pittsburgh, USA.
- [13] C. Kaufman, R. Perlman, M. Speciner, Network Security, Private Communication in a Public World, Prentice Hall Series, Second Edition, 2002.
- [14] R.L. Rivest, A. Shamir, L.M. Adleman, A method for obtaining digital signatures and public-key cryptosystems. Communications of the ACM, 21(2), 1978.
- [15] National Institute of Standards and Technology (NIST), FIPS Publication 186: Digital Signature Standard (DSS), May 19, 1994.
- [16] P.R. Zimmermann, The Official PGP User's Guide, MIT Press, Cambridge, Mass., 1995.
- [17] National Institute of Standards and Technology (NIST), FIPS Publication 180: Secure Hash Standard (SHS), May 11, 1993.
| APA | BIÇAKCI K, BAYKAL N (2003). Improving the security and flexibility of one-time passwords by signature chains. , 223 - 236. |
| Chicago | BIÇAKCI Kemal,BAYKAL Nazife Improving the security and flexibility of one-time passwords by signature chains. (2003): 223 - 236. |
| MLA | BIÇAKCI Kemal,BAYKAL Nazife Improving the security and flexibility of one-time passwords by signature chains. , 2003, ss.223 - 236. |
| AMA | BIÇAKCI K,BAYKAL N Improving the security and flexibility of one-time passwords by signature chains. . 2003; 223 - 236. |
| Vancouver | BIÇAKCI K,BAYKAL N Improving the security and flexibility of one-time passwords by signature chains. . 2003; 223 - 236. |
| IEEE | BIÇAKCI K,BAYKAL N "Improving the security and flexibility of one-time passwords by signature chains." , ss.223 - 236, 2003. |
| ISNAD | BIÇAKCI, Kemal - BAYKAL, Nazife. "Improving the security and flexibility of one-time passwords by signature chains". (2003), 223-236. |
| APA | BIÇAKCI K, BAYKAL N (2003). Improving the security and flexibility of one-time passwords by signature chains. Turkish Journal of Electrical Engineering and Computer Sciences, 11(3), 223 - 236. |
| Chicago | BIÇAKCI Kemal,BAYKAL Nazife Improving the security and flexibility of one-time passwords by signature chains. Turkish Journal of Electrical Engineering and Computer Sciences 11, no.3 (2003): 223 - 236. |
| MLA | BIÇAKCI Kemal,BAYKAL Nazife Improving the security and flexibility of one-time passwords by signature chains. Turkish Journal of Electrical Engineering and Computer Sciences, vol.11, no.3, 2003, ss.223 - 236. |
| AMA | BIÇAKCI K,BAYKAL N Improving the security and flexibility of one-time passwords by signature chains. Turkish Journal of Electrical Engineering and Computer Sciences. 2003; 11(3): 223 - 236. |
| Vancouver | BIÇAKCI K,BAYKAL N Improving the security and flexibility of one-time passwords by signature chains. Turkish Journal of Electrical Engineering and Computer Sciences. 2003; 11(3): 223 - 236. |
| IEEE | BIÇAKCI K,BAYKAL N "Improving the security and flexibility of one-time passwords by signature chains." Turkish Journal of Electrical Engineering and Computer Sciences, 11, ss.223 - 236, 2003. |
| ISNAD | BIÇAKCI, Kemal - BAYKAL, Nazife. "Improving the security and flexibility of one-time passwords by signature chains". Turkish Journal of Electrical Engineering and Computer Sciences 11/3 (2003), 223-236. |
