Title :
A novel Web security evaluation model for a one-time-password system
Author :
Soh, Ben ; Joy, Aaron
Author_Institution :
Dept. of Comput. Sci. & Comput. Eng., La Trobe Univ., Bundoora, Vic., Australia
Abstract :
One-time passwords (OTPs) have the advantage over regular passwords in that they protect legitimate users from replay attacks by generating a different password for each time of authentication. There are two variables that play a major role in creating a secure OTP; they are the passphrase length and the number of times the one-time password should be hashed. It is already a known fact that the larger the passphrase length the better is the security an OTP can offer. However, there is still a lack of quantitative analysis carried out to study how optimal Web security can be achieved. We propose a novel Web security evaluation model that can be used to measure the strength of a one-time password.
Keywords :
Internet; authorisation; client-server systems; computer crime; message authentication; Web security evaluation model; computer crime; legitimate user protection; message authentication; one-time-password system; passphrase length; Access control; Authentication; Communication system security; Computer science; Databases; Machine intelligence; Network servers; Protection; Public key; Usability;
Conference_Titel :
Web Intelligence, 2003. WI 2003. Proceedings. IEEE/WIC International Conference on
Print_ISBN :
0-7695-1932-6
DOI :
10.1109/WI.2003.1241228
