A Secure Mobile OTP Token
نویسنده
چکیده
Implementing a mobile One-time Password (OTP) Token on a cellular phone is a hot topic since the past few years. The proposed solutions had made certain improvements on network security. But none of them can fully prevent the OTP seed (K) tracing from MIMT OTP code interception or Shoulder-surfing security attacks while also meet the following criteria – fully compliant with existing authentication systems, inter-operable with other token and easy to deploy or support. This paper presents a cipher called Rubbing Encryption Algorithm (REAL) and the implementation of a Mobile OTP Token using this algorithm. The newly designed REAL Mobile OTP Token addresses and improves the aforementioned issues successfully.
منابع مشابه
Implementing Strong Authentication with OTP: Integrated System
Due to the arising problems with using static passwords, there is a strong need of implementing more secure protocols for authentication. The One-Time Password protocol is implementation for two-factor authentication; the two factors being something you own (a token) and something you know (PIN). This paper presents an open algorithm for OTP and implements a clientserver system for secure OTP a...
متن کاملAlternative Graphical Authentication for Online Banking Environments
Many financial institutes tend to implement a secure authentication mechanism through the utilization of the One-Time-Password (OTP) technique. The use of a hardware security token to generate the required OTP has been widespread. Despite the fact that this method provides a fairly high level of security, many systems have not taken into consideration the need for a secure alternative login met...
متن کاملA Secure Mobile OTP Authentication Scheme for User Mobility Cloud VDI Environment
Since Cloud environment has appeared as the most powerful keyword in the computing industry, the growth in VDI (Virtual Desktop Infrastructure) became remarkable in domestic market. In recent years, with the trend that mobile devices such as smartphones and pads spread so rapidly, the strengths of VDI that allows people to access and perform business on the move along with companies' office nee...
متن کاملUbiquitous One-Time Password Service Using the Generic Authentication Architecture
The Generic Authentication Architecture (GAA) is a standardised extension to the mobile authentication infrastructure that enables the provision of security services, such as key establishment, to network applications. In this paper we first show how Trusted Computing can be extended in a GAA-like framework to offer new security services. We then propose a general scheme that converts a simple ...
متن کاملAuthentication Using Mobile Phone as a Security Token
Today security concerns are on the rise in all areas industries such as banks, governmental applications, healthcare industry, militaryorganization, educational institutions etc, with one common weak link being “passwords”. Several proper strategies for using passwords have been proposed. Some of which are very difficult to use and others might not meet the company’s security concerns. The usag...
متن کامل