| Paper Abstract and Keywords |
| Presentation |
2006-01-20 14:55
A One-Time Password Authentication Method
Takasuke Tsuji, Akihiro Shimizu (Kochi Univ. of Tech.) |
| Abstract |
(in Japanese) |
(See Japanese page) |
| (in English) |
Internet and mobile communication applications for managing personal information have been developing. Those application systems need password authentications to protect users' right from attacker. Communication data through the Internet can be intercepted and can be replayed. Password authentication schemes suffer from vulnerability to the replay attack, and one-time password authentication schemes that change the verifiers every session have been proposed. For mobile communications and internet protocols, a one-time password authentication protocol SAS-2(Simple And Secure password authentication protocol, version 2) has been proposed. However, the SAS-2 suffers from vulnerability to the stolen-verifier attack, in which the attacker steals user's verifier from the server and impersonates the user. Here, the stolen-verifier attack is discussed and an improved method is proposed. Moreover, the improved method solves forgery attack by using the stored certificate. |
| Keyword |
(in Japanese) |
(See Japanese page) |
| (in English) |
authentication / one-time password / stolen-verifier attack / personal information / mobile communication / / / |
| Reference Info. |
IEICE Tech. Rep., vol. 105, Jan. 2006. |
| Paper # |
|
| Date of Issue |
2006-01-13 (OIS) |
| ISSN |
Print edition: ISSN 0913-5685 |
| Download PDF |
|
| Conference Information |
| Committee |
IN ICM LOIS |
| Conference Date |
2006-01-19 - 2006-01-20 |
| Place (in Japanese) |
(See Japanese page) |
| Place (in English) |
Kyoto Univ. |
| Topics (in Japanese) |
(See Japanese page) |
| Topics (in English) |
|
| Paper Information |
| Registration To |
LOIS |
| Conference Code |
2006-01-IN-TM-OIS |
| Language |
English (Japanese title is available) |
| Title (in Japanese) |
(See Japanese page) |
| Sub Title (in Japanese) |
(See Japanese page) |
| Title (in English) |
A One-Time Password Authentication Method |
| Sub Title (in English) |
|
| Keyword(1) |
authentication |
| Keyword(2) |
one-time password |
| Keyword(3) |
stolen-verifier attack |
| Keyword(4) |
personal information |
| Keyword(5) |
mobile communication |
| Keyword(6) |
|
| Keyword(7) |
|
| Keyword(8) |
|
| 1st Author's Name |
Takasuke Tsuji |
| 1st Author's Affiliation |
Kochi University of Technology (Kochi Univ. of Tech.) |
| 2nd Author's Name |
Akihiro Shimizu |
| 2nd Author's Affiliation |
Kochi University of Technology (Kochi Univ. of Tech.) |
| 3rd Author's Name |
|
| 3rd Author's Affiliation |
() |
| 4th Author's Name |
|
| 4th Author's Affiliation |
() |
| 5th Author's Name |
|
| 5th Author's Affiliation |
() |
| 6th Author's Name |
|
| 6th Author's Affiliation |
() |
| 7th Author's Name |
|
| 7th Author's Affiliation |
() |
| 8th Author's Name |
|
| 8th Author's Affiliation |
() |
| 9th Author's Name |
|
| 9th Author's Affiliation |
() |
| 10th Author's Name |
|
| 10th Author's Affiliation |
() |
| 11th Author's Name |
|
| 11th Author's Affiliation |
() |
| 12th Author's Name |
|
| 12th Author's Affiliation |
() |
| 13th Author's Name |
|
| 13th Author's Affiliation |
() |
| 14th Author's Name |
|
| 14th Author's Affiliation |
() |
| 15th Author's Name |
|
| 15th Author's Affiliation |
() |
| 16th Author's Name |
|
| 16th Author's Affiliation |
() |
| 17th Author's Name |
|
| 17th Author's Affiliation |
() |
| 18th Author's Name |
|
| 18th Author's Affiliation |
() |
| 19th Author's Name |
|
| 19th Author's Affiliation |
() |
| 20th Author's Name |
|
| 20th Author's Affiliation |
() |
| Speaker |
Author-2 |
| Date Time |
2006-01-20 14:55:00 |
| Presentation Time |
25 minutes |
| Registration for |
LOIS |
| Paper # |
OIS2005-83 |
| Volume (vol) |
vol.105 |
| Number (no) |
no.529 |
| Page |
pp.23-28 |
| #Pages |
6 |
| Date of Issue |
2006-01-13 (OIS) |