Journal of information and communication convergence engineering

The Korea Institute of Information and Commucation Engineering (한국정보통신학회)
권호 표지

One Pass Identification processing Password-based

  • Published : 2006.12.30
Download PDF
⟨ Previous Next ⟩

Abstract

Almost all network systems provide an authentication mechanism based on user ID and password. In such system, it is easy to obtain the user password using a sniffer program with illegal eavesdropping. The one-time password and challenge-response method are useful authentication schemes that protect the user passwords against eavesdropping. In client/server environments, the one-time password scheme using time is especially useful because it solves the synchronization problem. In this paper, we present a new identification scheme: OPI(One Pass Identification). The security of OPI is based on the square root problem, and OPI is secure: against the well known attacks including pre-play attack, off-line dictionary attack and server comprise. A number of pass of OPI is one, and OPI processes the password and does not need the key. We think that OPI is excellent for the consuming time to verify the prover.

Keywords

References

  1. A. Hill, A. D. Brett, and C. J. Taylor, 'Automatic landmark identification using a new method of nonrigid correspondence' in Proceedings of IPMI '97 Conference, vol. 1230, pp. 483-488, 1997
  2. E. Moulines, P. Duhamel, J.F. Cardoso, and S. Mayrargue, Subspace methods for the blind identification of multichannel fir filters, IEEE Transactions on Signal Processing, SP-43, pp. 516-525, 1995
  3. Andreoni, J. and H. Varian, 'Pre-play Contracting in the Prisoners' Dilemma', mimeo, University of Wisconsin, 1999
  4. Bensaid, B. and R.J. Gary-Bobo, 'An Exact Formula for the Lion's Share: A Model of Pre-Play Negotiation,' Games and Economic Behavior, 14, pp 44-89, 1996 https://doi.org/10.1006/game.1996.0042
  5. Bao, F., R. Deng and W. Mao. Efficient and practical fair exchange protocols with off-line TTP. 1998 IEEE Symposium on Security and Privacy. Oakland, IEEE Compute Society. pp 77-85. 1998
  6. A. W. Senior and A. J. Robinson. An off-line cursive handwriting recognition system. IEEE Transactions on Pattern Analysis and Machine Intelligence, 20(3) pp309-321, 1998 https://doi.org/10.1109/34.667887
  7. Neil Haller. The s/key(tm) one-time password system. In Proceedings of the 1994 Symposium on Network and Distributed System Security, pp 151-157, 1994
  8. Neil Haller. The s/key(tm) one-time password system. Symposium on Network and Distributed System Security, pp 151-157, February 1994
  9. B. Schneier, Applied cryptography, John Wiley & Sons, 1996
  10. E.Biham and A. Shamir, 'Differential Cryptanalysis of DES-like cryptosystems', Advances in Cryptology - CRYPTO '90, LNCS 537, pp.2-21
  11. E. Biham and A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, New York, 1993
  12. Jong-Min Park, Yong-Hun Kim, Beom-Joon Cho, 'Password System Enhancing the Security against', The Korean Institute of Maritime Information & Communication Science, Vol. 8, No.8, pp. 1790-1795, 2004
  13. Jong-Min Park, 'Efficient and Secure Authenticated Key Exchange', The Korean Institute of Maritime Information & Communication Science, Vol. 3, No. 3, pp.163-166, 2005