Phishing is one of the most common attacks on the networks today and a primary enabler for fraud and identity theft, and the increasing sophistication of the phishers makes it very difficult for users to distinguish between genuine and fake. Thus, it is important to mutually authenticate each other. The mutual authentication between two entities is essential to establish a secure link over public/closed insecure networks. This paper gives an overview of proposed secure authentication system which includes the authentication server, one-time password generator, and database server. The system achieves mutual authentication by exchanging two one-time password (OTP) where OTP is a security mechanism, will be expired after single use/ some period of time and provides several advantages with respect to most of the available solutions at the state of the art. First, it enables transparent mutual authentication between two entities. Moreover, it guarantees authenticity of both entities within the same session. Finally, the proposed system ensures secure data transmission and protected access between two entities as well as to prevent from known attacks.
[1]
Kun Tang,et al.
TSPass: A Dynamic User Authentication Scheme Based On Time and Space
,
2012
.
[2]
Tsuji Takasuke,et al.
A One-Time Password Authentication Scheme Resistant to DoS Attacks
,
2009
.
[3]
Manav Singhal.
Software Tokens Based Two Factor AuthenticationScheme
,
2012
.
[4]
Akihiro Shimizu,et al.
A One-Time Password Authentication Method for Low Spec Machines and on Internet Protocols
,
2004
.
[5]
Akihiro Shimizu,et al.
One-Time Password Authentication Protocol against Theft Attacks
,
2004
.
[6]
Humaira Dar,et al.
Secure Scheme For User Authentication And Authorization In Android Environment
,
2013
.
[7]
Thawatchai Chomsiri,et al.
Web Security Improving by using Dynamic Password Authentication
,
2011
.
[9]
Chien-Ming Chen,et al.
Stolen-Verifier Attack on Two New Strong-Password Authentication Protocols
,
2002
.