Existing one-time password (OTP) schemes suffer several drawbacks. Token-based systems are expensive, while software-based schemes rely on one-time passwords that are dependent on each other. There are disadvantages to authentication schemes that rely on dependent OTP's. It is difficult to replicate the authentication server without lowering security. Also, current authentication schemes based on dependent OTP's only authenticate the initial connection; the remainder of the session is assumed to be authenticated. Experience shows that connections can be hijacked. A new scheme for generating one-time passwords that are independent is presented. The independence property enables easy replication of the authentication server, and authentication that is persistent for the lifetime of a connection. This mechanism is also ideally suited for smart card applications. Our implementation and several applications are discussed.
[1]
Ronald L. Rivest,et al.
The MD5 Message-Digest Algorithm
,
1992,
RFC.
[2]
Michael K. Reiter,et al.
The Rampart Toolkit for Building High-Integrity Services
,
1994,
Dagstuhl Seminar on Distributed Systems.
[3]
Ken Thompson,et al.
Password security: a case history
,
1979,
CACM.
[4]
Mihir Bellare,et al.
Entity Authentication and Key Distribution
,
1993,
CRYPTO.
[5]
S. M. Bellovin,et al.
Security problems in the TCP/IP protocol suite
,
1989,
CCRV.
[6]
Eli Biham,et al.
Differential Cryptanalysis of the Data Encryption Standard
,
1993,
Springer New York.
[7]
Silvio Micali,et al.
How to construct random functions
,
1986,
JACM.
[8]
Jeffrey I. Schiller,et al.
An Authentication Service for Open Network Systems. In
,
1998
.
[9]
Mitsuru Matsui,et al.
Linear Cryptanalysis Method for DES Cipher
,
1994,
EUROCRYPT.