An Improved OTP Authentication System and its Application in Mobile Commerce
E-commerce based on Internet is gradually becoming a new mode for commercial activities and the greatest misgiving of enterprises to conduct ecommerce is safety. One-time password (OTP) scheme can help to solves password problems such as password conjecture and wiretapping, which occurs by repeatedly using the same password. The S/KEY onetime password system is one of most popular authentication schemes, however it can not-withstand small integer attack. This work illustrates as well as discusses of the S/KEY based authentication schemes with their pros and cons. This paper suggests an improved onetime password system based on bidirectional virtual authorization in mobile application systems. Our proposed Scheme can defend copy attacks, replay attacks, integer attack and Brute-Force Attack.
E-commerce OTP Authentication S/KEY Integer attack Mobile
Xi Ye Wushao Wen
Department of Computer Science Wenzhou Medical College Wenzhou, China School of Software Sun Yat-Sen School of Software Sun Yat-Sen University Guangzhou, China
国际会议
重庆
英文
220-225
2011-01-21(万方平台首次上网日期,不代表论文的发表时间)