The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Utilisant le concept génial de mot de passe à usage unique, le système d'authentification unidirectionnelle largement utilisé S/Key offre une bonne protection contre les attaques par réexécution. Dans cet article, S/key est amélioré pour sécuriser les transactions dans un environnement critique. Le système proposé est exempt de toute attaque d'usurpation d'identité de serveur, d'attaque en pré-lecture et d'attaque par dictionnaire hors ligne. Une clé de session est également établie ici pour assurer la confidentialité. De plus, la simplicité et l'efficacité sont prises en compte du point de vue de l'utilisateur. Une carte à puce est appliquée pour simplifier le processus de connexion de l'utilisateur et seule la fonction de hachage est utilisée pour conserver son efficacité. Par conséquent, le système proposé ci-après est en mesure de constituer un bouclier plus sûr pour les transactions sensibles telles que les opérations bancaires en ligne ou le commerce en ligne d'obligations et de titres.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Tzu-Chang YEH, Hsiao-Yun SHEN, Jing-Jang HWANG, "A Secure One-Time Password Authentication Scheme Using Smart Cards" in IEICE TRANSACTIONS on Communications,
vol. E85-B, no. 11, pp. 2515-2518, November 2002, doi: .
Abstract: Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.
URL: https://global.ieice.org/en_transactions/communications/10.1587/e85-b_11_2515/_p
Copier
@ARTICLE{e85-b_11_2515,
author={Tzu-Chang YEH, Hsiao-Yun SHEN, Jing-Jang HWANG, },
journal={IEICE TRANSACTIONS on Communications},
title={A Secure One-Time Password Authentication Scheme Using Smart Cards},
year={2002},
volume={E85-B},
number={11},
pages={2515-2518},
abstract={Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.},
keywords={},
doi={},
ISSN={},
month={November},}
Copier
TY - JOUR
TI - A Secure One-Time Password Authentication Scheme Using Smart Cards
T2 - IEICE TRANSACTIONS on Communications
SP - 2515
EP - 2518
AU - Tzu-Chang YEH
AU - Hsiao-Yun SHEN
AU - Jing-Jang HWANG
PY - 2002
DO -
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E85-B
IS - 11
JA - IEICE TRANSACTIONS on Communications
Y1 - November 2002
AB - Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.
ER -