Litcius/Paper detail

Group Time-based One-time Passwords and its Application to Efficient Privacy-Preserving Proof of Location

Zheng Yang, Chenglu Jin, Jianting Ning, Zengpeng Li, Anh Dinh, Jianying Zhou

2021Annual Computer Security Applications Conference14 citationsDOIOpen Access PDF

Abstract

Time-based One-Time Password (TOTP) provides a strong second factor for user authentication. In TOTP, a prover authenticates to a verifier by using the current time and a secret key to generate an authentication token (or password) which is valid for a short time period. Our goal is to extend TOTP to the group setting, and to provide both authentication and privacy. To this end, we introduce a new authentication scheme, called Group TOTP (GTOTP), that allows the prover to prove that it is a member of an authenticated group without revealing its identity. We propose a novel construction that transforms any asymmetric TOTP scheme into a GTOTP scheme. Our approach combines Merkle tree and Bloom filter to reduce the verifier’s states to constant sizes.

Topics & Concepts

PasswordComputer scienceInformation privacyComputer securityCryptography and Data SecurityUser Authentication and Security SystemsAdvanced Authentication Protocols Security