Title :
IP Onetime-Password Authentication Scheme over Insecure Data Channel
Author_Institution :
Inst. for Infocomm Res.
Abstract :
In this paper, we propose an IP onetime-password authentication scheme over insecure data channel, for resource access control at an edge router. We assume a master secret key is pre-established between a legitimate end-host and an edge router. Prior to data transfer, a four-message-handshake scheme for setup is applied over insecure data channel, through which a legitimate end-host communicates the commitment of a one-way key chain (i.e., the first key) with the ISP edge router. The legitimate end-host then uses the keys of the key chain as the onetime-passwords in the order reverse to the generation of these keys. The edge router, knowing the correct sequence of the valid onetime-passwords, verifies the received onetime-passwords and denies undesirable traffic to access the reserved network. The authentication scheme of IP onetime-password is secure even if an attacker can temper with and eavesdrop on the communication between end-host and edge router
Keywords :
IP networks; cryptography; message authentication; telecommunication network routing; telecommunication security; IP onetime-password authentication scheme; ISP; data transfer; edge router; four-message-handshake scheme; insecure data channel; legitimate end-host; master secret key; one-way key chain; resource access control; Access control; Authentication; Costs; Cryptography; Delay; Diffserv networks; Disruption tolerant networking; Multicast protocols; Streaming media; Telecommunication traffic;
Conference_Titel :
Personal, Indoor and Mobile Radio Communications, 2005. PIMRC 2005. IEEE 16th International Symposium on
Conference_Location :
Berlin
Print_ISBN :
9.7838007291e+012
DOI :
10.1109/PIMRC.2005.1651710
