Title :
A secure OTP algorithm using a smartphone application
Author :
Hoyul Choi ; Hyunsoo Kwon ; Junbeom Hur
Author_Institution :
Sch. of Comput. Sci. & Eng., Chung-Ang Univ., Seoul, South Korea
Abstract :
Recently, several authentication protocols are being used in mobile applications. OTP is one of the most powerful authentication methods among them. However, it has some security vulnerabilities, particularly to MITM(Man-in-the-Middle) attack and MITPC/Phone(Man-in-the-PC/Phone) attack. An adversary could know a valid OTP value and be authenticated with this secret information in the presence of those attacks. To solve these problems, we propose a novel OTP algorithm and compare it with existing algorithms. The proposed scheme is secure against MITM attack and MITPC/Phone attack by using a captcha image, IMSI number embedded in SIM card and limiting available time of an attack.
Keywords :
cryptographic protocols; smart phones; MITM attack; MITPC attack; authentication protocols; captcha image; man-in-the-PC-phone attack; man-in-the-middle attack; secure OTP algorithm; smartphone application; Authentication; CAPTCHAs; Mobile communication; Mobile handsets; Servers; Synchronization; MITM; MITPhone; OTP; application; smart phone;
Conference_Titel :
Ubiquitous and Future Networks (ICUFN), 2015 Seventh International Conference on
Conference_Location :
Sapporo
DOI :
10.1109/ICUFN.2015.7182589
