A Method of Efficient OTP Generation Using Pseudorandom Number Generators

2019 International Conference on Information Science and Communications Technologies (ICISCT) Pub Date : 2019-11-01 DOI:10.1109/ICISCT47635.2019.9011825

Karimov Madjit Malikovich, Khudoykulov Zarif Turakulovich, Arzieva Jamila Tileubayevna

{"title":"A Method of Efficient OTP Generation Using Pseudorandom Number Generators","authors":"Karimov Madjit Malikovich, Khudoykulov Zarif Turakulovich, Arzieva Jamila Tileubayevna","doi":"10.1109/ICISCT47635.2019.9011825","DOIUrl":null,"url":null,"abstract":"Something you know based authentication method is the most classical authentication technique on the computer system, and is performed more easily and successfully than other methods even it is a vulnerable method against attacks such as eavesdropping or replay attack. To solve this problem, OTP (Onetime Password) technique is used. OTP is delivered from one side to the other in two approaches. In the first approach, OTP is generated on server side and sent to clients, for example, by SMS. In the second approach, OTP is generated on both sides at one time based on shared counter, such as, HOTP. In most cases, one-way hash functions are used in both approaches to generate OTP. As resent researches show the weakness of the hash functions, we need new a new OTP generation algorithms to solve this problem. In this paper, we propose a method of creating one time password based on pseudorandom number generators (PRNG), which they are exist on many systems and programming languages as native.","PeriodicalId":170576,"journal":{"name":"2019 International Conference on Information Science and Communications Technologies (ICISCT)","volume":"33 4","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 International Conference on Information Science and Communications Technologies (ICISCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICISCT47635.2019.9011825","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 7

Abstract

Something you know based authentication method is the most classical authentication technique on the computer system, and is performed more easily and successfully than other methods even it is a vulnerable method against attacks such as eavesdropping or replay attack. To solve this problem, OTP (Onetime Password) technique is used. OTP is delivered from one side to the other in two approaches. In the first approach, OTP is generated on server side and sent to clients, for example, by SMS. In the second approach, OTP is generated on both sides at one time based on shared counter, such as, HOTP. In most cases, one-way hash functions are used in both approaches to generate OTP. As resent researches show the weakness of the hash functions, we need new a new OTP generation algorithms to solve this problem. In this paper, we propose a method of creating one time password based on pseudorandom number generators (PRNG), which they are exist on many systems and programming languages as native.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

一种利用伪随机数发生器高效生成OTP的方法

基于您所知的身份验证方法是计算机系统中最经典的身份验证技术，它比其他方法执行起来更容易、更成功，即使它是一种容易受到窃听或重放攻击等攻击的方法。为了解决这个问题，使用了OTP(一次性密码)技术。OTP以两种方式从一端传送到另一端。在第一种方法中，OTP是在服务器端生成的，然后通过SMS发送给客户端。在第二种方法中，基于共享计数器(如HOTP)在双方同时生成OTP。在大多数情况下，两种方法都使用单向散列函数来生成OTP。由于现有的研究显示了哈希函数的弱点，我们需要新的OTP生成算法来解决这个问题。本文提出了一种基于伪随机数生成器(PRNG)的一次性密码生成方法。伪随机数生成器作为本机存在于许多系统和编程语言中。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2019 International Conference on Information Science and Communications Technologies (ICISCT)

自引率

0.00%

发文量