基于一次性密码的认证协议

2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus) Pub Date : 2019-01-01 DOI:10.1109/EICONRUS.2019.8656839

S. Babkin, A. Epishkina

{"title":"基于一次性密码的认证协议","authors":"S. Babkin, A. Epishkina","doi":"10.1109/EICONRUS.2019.8656839","DOIUrl":null,"url":null,"abstract":"Nowadays one-time passwords are used in a lot of areas of information technologies including e-commerce. A few vulnerabilities in authentication protocols based on one-time passwords are widely known. In current work, we analyze authentication protocols based on one-time passwords and their vulnerabilities. Both simple and complicated protocols which are implementing cryptographic algorithms are reviewed. For example, an analysis of relatively old Lamport’s hash-chain protocol is provided. At the same time, we examine HOTP and TOTP protocols which are actively used nowadays. The main result of the work are conclusions about the security of reviewed protocols based on one-time passwords.","PeriodicalId":6748,"journal":{"name":"2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)","volume":"64 1","pages":"1794-1798"},"PeriodicalIF":0.0000,"publicationDate":"2019-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":"{\"title\":\"Authentication Protocols Based on One-Time Passwords\",\"authors\":\"S. Babkin, A. Epishkina\",\"doi\":\"10.1109/EICONRUS.2019.8656839\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Nowadays one-time passwords are used in a lot of areas of information technologies including e-commerce. A few vulnerabilities in authentication protocols based on one-time passwords are widely known. In current work, we analyze authentication protocols based on one-time passwords and their vulnerabilities. Both simple and complicated protocols which are implementing cryptographic algorithms are reviewed. For example, an analysis of relatively old Lamport’s hash-chain protocol is provided. At the same time, we examine HOTP and TOTP protocols which are actively used nowadays. The main result of the work are conclusions about the security of reviewed protocols based on one-time passwords.\",\"PeriodicalId\":6748,\"journal\":{\"name\":\"2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)\",\"volume\":\"64 1\",\"pages\":\"1794-1798\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"8\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/EICONRUS.2019.8656839\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/EICONRUS.2019.8656839","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

摘要

如今，一次性密码被用于包括电子商务在内的许多信息技术领域。基于一次性密码的身份验证协议中的一些漏洞是众所周知的。在目前的工作中，我们分析了基于一次性密码的认证协议及其漏洞。对实现密码算法的简单协议和复杂协议进行了综述。例如，提供了对相对较旧的Lamport哈希链协议的分析。同时，对目前比较常用的HOTP和TOTP协议进行了分析。这项工作的主要结果是关于基于一次性密码的审查协议的安全性的结论。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Authentication Protocols Based on One-Time Passwords

Nowadays one-time passwords are used in a lot of areas of information technologies including e-commerce. A few vulnerabilities in authentication protocols based on one-time passwords are widely known. In current work, we analyze authentication protocols based on one-time passwords and their vulnerabilities. Both simple and complicated protocols which are implementing cryptographic algorithms are reviewed. For example, an analysis of relatively old Lamport’s hash-chain protocol is provided. At the same time, we examine HOTP and TOTP protocols which are actively used nowadays. The main result of the work are conclusions about the security of reviewed protocols based on one-time passwords.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2019 IEEE Conference of Russian Young Researchers in Electrical and Electronic Engineering (EIConRus)

自引率

0.00%

发文量