A one time password generation algorithm suitable for HOTP

Jian Wei Liu; Hui Li; Jian Feng Ma

A one time password generation algorithm suitable for HOTP

Jian Wei Liu^*
, Hui Li
, Jian Feng Ma

^*Corresponding author for this work

School of Cyber Science and Technology

Xidian University

Research output: Contribution to journal › Article › peer-review

Abstract

A one time password algorithm HTOP.C is proposed based on HMAC SHA-1 and a dynamic truncating function. The algorithm has a fast computing speed and high security, and it is easy to implement by using Token or IC card hardware. Therefore, the algorithm is suitable for the HTOP authentication framework. Besides, three basic conditions are proposed for the token-based authentication protocol, and an authentication protocol based on counter synchronization is designed. At the server side, the protocol sets up a maximum trying number to prevent the brute-force attack, and a look-ahead parameter to realize counter resynchronization. Finally, the security of the protocol is analyzed. Results show that the protocol can resist normal attacks, such as brute-force attack and interception/replay attack effectively, and is highly secure.

Original language	English
Pages (from-to)	650-654
Number of pages	5
Journal	Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University
Volume	33
Issue number	4
State	Published - Aug 2006

Keywords

Authentication protocol
Hash function
One time password

Cite this

@article{91bba1d6422c4f34a0723442fb58f0ea,

title = "A one time password generation algorithm suitable for HOTP",

abstract = "A one time password algorithm HTOP.C is proposed based on HMAC SHA-1 and a dynamic truncating function. The algorithm has a fast computing speed and high security, and it is easy to implement by using Token or IC card hardware. Therefore, the algorithm is suitable for the HTOP authentication framework. Besides, three basic conditions are proposed for the token-based authentication protocol, and an authentication protocol based on counter synchronization is designed. At the server side, the protocol sets up a maximum trying number to prevent the brute-force attack, and a look-ahead parameter to realize counter resynchronization. Finally, the security of the protocol is analyzed. Results show that the protocol can resist normal attacks, such as brute-force attack and interception/replay attack effectively, and is highly secure.",

keywords = "Authentication protocol, Hash function, One time password",

author = "Liu, \{Jian Wei\} and Hui Li and Ma, \{Jian Feng\}",

year = "2006",

month = aug,

language = "英语",

volume = "33",

pages = "650--654",

journal = "Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University",

issn = "1001-2400",

publisher = "Science Press ",

number = "4",

}

TY - JOUR

T1 - A one time password generation algorithm suitable for HOTP

AU - Liu, Jian Wei

AU - Li, Hui

AU - Ma, Jian Feng

PY - 2006/8

Y1 - 2006/8

N2 - A one time password algorithm HTOP.C is proposed based on HMAC SHA-1 and a dynamic truncating function. The algorithm has a fast computing speed and high security, and it is easy to implement by using Token or IC card hardware. Therefore, the algorithm is suitable for the HTOP authentication framework. Besides, three basic conditions are proposed for the token-based authentication protocol, and an authentication protocol based on counter synchronization is designed. At the server side, the protocol sets up a maximum trying number to prevent the brute-force attack, and a look-ahead parameter to realize counter resynchronization. Finally, the security of the protocol is analyzed. Results show that the protocol can resist normal attacks, such as brute-force attack and interception/replay attack effectively, and is highly secure.

AB - A one time password algorithm HTOP.C is proposed based on HMAC SHA-1 and a dynamic truncating function. The algorithm has a fast computing speed and high security, and it is easy to implement by using Token or IC card hardware. Therefore, the algorithm is suitable for the HTOP authentication framework. Besides, three basic conditions are proposed for the token-based authentication protocol, and an authentication protocol based on counter synchronization is designed. At the server side, the protocol sets up a maximum trying number to prevent the brute-force attack, and a look-ahead parameter to realize counter resynchronization. Finally, the security of the protocol is analyzed. Results show that the protocol can resist normal attacks, such as brute-force attack and interception/replay attack effectively, and is highly secure.

KW - Authentication protocol

KW - Hash function

KW - One time password

UR - https://www.scopus.com/pages/publications/33749843409

M3 - 文章

AN - SCOPUS:33749843409

SN - 1001-2400

VL - 33

SP - 650

EP - 654

JO - Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University

JF - Xi'an Dianzi Keji Daxue Xuebao/Journal of Xidian University

IS - 4

ER -

A one time password generation algorithm suitable for HOTP

Abstract

Keywords

Other files and links

Fingerprint

Cite this