The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
La plupart des systèmes réseau fournissent un mécanisme d'authentification basé sur un numéro d'identification utilisateur et un mot de passe. Dans de tels systèmes, il est facile d'obtenir le mot de passe d'un utilisateur à l'aide d'un programme de renifleur avec écoute clandestine. La méthode du mot de passe à usage unique et la méthode défi-réponse sont des systèmes d'authentification utiles qui protègent le mot de passe d'un utilisateur contre les écoutes clandestines. Dans les environnements client/serveur, le système de mot de passe à usage unique utilisant le temps est particulièrement utile car il résout le problème de synchronisation. Cependant, il présente un problème de décalage temporel, et ce problème entraîne l'échec de l'authentification. Dans cet article, nous proposons un algorithme de mot de passe unique efficace, qui résout le problème de glissement temporel grâce à l'utilisation d'informations de 1 bit, qui indiquent la durée pendant laquelle l'authentification pourrait échouer en raison d'un glissement temporel. Cet algorithme peut être ajouté facilement et rapidement aux systèmes de mots de passe à usage unique actuels en utilisant le temps sans nécessiter de changement de protocole.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Joonggil PARK, Bongjoo PARK, Jongyoul PARK, Jae-cheol RYOU, "The Improved One-Time Password Algorithm Using Time" in IEICE TRANSACTIONS on Information,
vol. E85-D, no. 12, pp. 1962-1966, December 2002, doi: .
Abstract: Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.
URL: https://global.ieice.org/en_transactions/information/10.1587/e85-d_12_1962/_p
Copier
@ARTICLE{e85-d_12_1962,
author={Joonggil PARK, Bongjoo PARK, Jongyoul PARK, Jae-cheol RYOU, },
journal={IEICE TRANSACTIONS on Information},
title={The Improved One-Time Password Algorithm Using Time},
year={2002},
volume={E85-D},
number={12},
pages={1962-1966},
abstract={Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.},
keywords={},
doi={},
ISSN={},
month={December},}
Copier
TY - JOUR
TI - The Improved One-Time Password Algorithm Using Time
T2 - IEICE TRANSACTIONS on Information
SP - 1962
EP - 1966
AU - Joonggil PARK
AU - Bongjoo PARK
AU - Jongyoul PARK
AU - Jae-cheol RYOU
PY - 2002
DO -
JO - IEICE TRANSACTIONS on Information
SN -
VL - E85-D
IS - 12
JA - IEICE TRANSACTIONS on Information
Y1 - December 2002
AB - Most network systems provide an authentication mechanism based on a user identification number and a password. In such systems, it is easy to obtain a user's password using a sniffer program with illegal eavesdropping. The one-time password method and the challenge-response method are useful authentication schemes that protect a user's password against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. However, it has a problem of time-slippage, and this problem causes the authentication to be failed. In this paper, we propose an effective one-time password algorithm, which solves the time-slippage problem through the use of 1-bit information, which denotes the duration in which the authentication could be failed because of time-slippage. This algorithm can be added easily and quickly to current one-time password systems using time without requiring any change of protocols.
ER -