Litcius/Paper detail

Performance Evaluation of a new one-time password (OTP) scheme using stochastic petri net (SPN)

Razib Hayat Khan, Jonayet Miah

20222022 IEEE World AI IoT Congress (AIIoT)21 citationsDOI

Abstract

Static password is no more considered as a secure alternative to attain the authentication of the valid user in the internet world. This already opens the door for the attackers to compromise the password because of several vulnerable security attacks. Thus, it needs a secure mechanism which introduces the concept of OTP where password is frequently changed and valid for a certain period. The concept makes the OTP a strong alternative of static password that is widely used now a day. However, now smart phone is convenient and commonly used media to receive OTP generated by the system which is threatened by the man-in-the-middle attack if the channel for transferring the OTP to the user end is not protected. Bearing this shortcoming of existing OTP system, we develop a method where the user will perform a certain intermediate mathematical calculation before using the OTP received by the smart phone and thus, incorporates an extra layer of security in the existing OTP system. This extra layer of security protects the method from usual security attacks whether the channel used for transferring OTP is compromised or not. This new method of OTP has noticeable improvements in performance over the existing system and puts no extra burden in the server-side verification process.

Topics & Concepts

PasswordComputer scienceOne-time passwordComputer securityPassword crackingAuthentication (law)Side channel attackPassword strengthComputer networkCryptographyUser Authentication and Security SystemsChaos-based Image/Signal EncryptionAdvanced Malware Detection Techniques
Performance Evaluation of a new one-time password (OTP) scheme using stochastic petri net (SPN) | Litcius