One-Time Password Authentication Protocol against Theft Attacks(Security)(<Special Section>Internet Technology IV)
スポンサーリンク
概要
- 論文の詳細を見る
Software applications for the transfer of money or personal information are increasingly common on the Internet. These applications require user authentication for confirming legitimate users. One-time password authentication methods risk a stolen-verifier problem or other steal attacks because the authentication on the Internet server stores the user's verifiers and secret keys. The SAS-2 (Simple And Secure password authentication protocol, ver.2) and the ROSI (RObust and Simple password authentication protocol) are secure password authentication protocols. However, we have found attacks on SAS-2 and ROSI. Here, we propose a new method which eliminates such problems without increasing the processing load and can perform high security level same as S/Key systems without resetting the verifier.
- 社団法人電子情報通信学会の論文
- 2004-03-01
著者
-
Tsuji Takasuke
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
-
Tsuji Takasuke
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
-
Shimizu Akihiro
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
-
Shimizu Akihiro
Course Of Information Systems Engineering Department Of Engineering Graduate School Of Engineering K
関連論文
- An Impersonation Attack on One-Time Password Authentication Protocol OSPA(Fundamental Theories)
- Cryptanalysis on One-Time Password Authentication Schemes Using Counter Value(Internet)
- One-Time Password Authentication Protocol against Theft Attacks(Security)(Internet Technology IV)
- A One-Time Password Authentication Method for Low Spec Machines and on Internet Protocols(Internet)