OTP Authentication Protocol Using Stream Cipher with Clock-Counter

클럭 카운트를 이용한 스트림 암호의 OTP 인증 프로토콜

  • 조상일 (동서대학교 유비쿼터스 IT 학과) ;
  • 이훈재 (동서대학교 컴퓨터정보공학부) ;
  • 이상곤 (동서대학교 컴퓨터정보공학부) ;
  • 임효택 (동서대학교 컴퓨터정보공학부)
  • Published : 2009.10.31

Abstract

User authentication has been one of the most important part of the network system. OTP(One-Time Password) has been developed and applied to the existing authentication system. OTP makes a different password and abrogates used password each time when user is authenticated by the server. Those systems prevent stolen-key-problems which is caused by using the same key every log-in trial. Yet, OTP still has vulnerabilities. In this paper, an advanced protocol which is using clock-count method to apply a stream cipher algorithm to OTP protocols and to solve problems of existing OTP protocols is proposed.

References

  1. M.L. Das, A. Saxena, YP. Gulati, "A dynamic ID-based remote user authentication scheme", IEEE Transactions on Consumer Electronics, vol. 50, no.2, 2004, pp. 629-631 https://doi.org/10.1109/TCE.2004.1309441
  2. 조상일, 이훈재, 임효택, 이상곤, "클럭 카운트를 이용한 스트림 암호의 OPT 인증 프로토콜", 한국통신학회 하계발표 대회, Vol. 37, pp.225, 2008
  3. 강수연, 이임영, "향상된 S/Key 방식을 이용한 RFID 인증 방안에 관한 연구", 한국정보처리학회 춘계학술발표대회 제 14권, pp.1066-1067, 2007.5
  4. 백미연, "전자금융거래의 보안 강화 방안 및 OTP(One Time Password) 이용현황", 지급 결제와 정보기술, pp. 71-100, April 2006
  5. H.Y. Chien, C.H. Chen, "A Remote Authentication Scheme Preserving User Anonymity" , IEEE AINA' 05, Vol. 2, pp.245-248, 2005
  6. T. Tsuji, T. Kamioka, and A. Shimizu, "Simple and secure password authentication protocol" ver.2(SAS-2), IEICE Technical Report, OIS 2003-30, vol. 102, no.314, September 2002
  7. S. Golomb, Shift Register Sequences, Aegean Park Press, Laguna Hills (CA), revised edition, 1982