IP Onetime-Password Authentication Scheme over Insecure Data Channel

Author

Ma, Miao

Author_Institution

Inst. for Infocomm Res.

Volume

3

fYear

2005

fDate

11-14 Sept. 2005

Firstpage

1581

Lastpage

1585

Abstract

In this paper, we propose an IP onetime-password authentication scheme over insecure data channel, for resource access control at an edge router. We assume a master secret key is pre-established between a legitimate end-host and an edge router. Prior to data transfer, a four-message-handshake scheme for setup is applied over insecure data channel, through which a legitimate end-host communicates the commitment of a one-way key chain (i.e., the first key) with the ISP edge router. The legitimate end-host then uses the keys of the key chain as the onetime-passwords in the order reverse to the generation of these keys. The edge router, knowing the correct sequence of the valid onetime-passwords, verifies the received onetime-passwords and denies undesirable traffic to access the reserved network. The authentication scheme of IP onetime-password is secure even if an attacker can temper with and eavesdrop on the communication between end-host and edge router

Keywords

IP networks; cryptography; message authentication; telecommunication network routing; telecommunication security; IP onetime-password authentication scheme; ISP; data transfer; edge router; four-message-handshake scheme; insecure data channel; legitimate end-host; master secret key; one-way key chain; resource access control; Access control; Authentication; Costs; Cryptography; Delay; Diffserv networks; Disruption tolerant networking; Multicast protocols; Streaming media; Telecommunication traffic;

fLanguage

English

Publisher

ieee

Conference_Titel

Personal, Indoor and Mobile Radio Communications, 2005. PIMRC 2005. IEEE 16th International Symposium on

Conference_Location

Berlin

Print_ISBN

9.7838007291e+012

Type

conf

DOI

10.1109/PIMRC.2005.1651710

Filename

1651710