ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A secure one-time password authentication scheme with low-computation for mobile communications
Full text PdfPdf (940 KB)
Source ACM SIGOPS Operating Systems Review archive
Volume 38 ,  Issue 2  (April 2004) table of contents
Pages: 76 - 84  
Year of Publication: 2004
ISSN:0163-5980
Authors
Min-Hui Lin  Providence University, Taichung, Taiwan, R.O.C.
Chin-Chen Chang  National Chung Cheng University, Chiayi, Taiwan, R.O.C.
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 10,   Downloads (12 Months): 76,   Citation Count: 1
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues   peer to peer  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/991130.991138
What is a DOI?

ABSTRACT

In recent years, m-commerce technology has been maturing. Various mobile devices are now designed to help users reach the servers of service providers and to process tasks such as stock trading, product purchasing, product information collecting, and so on. Once the services are only available to the members, authentication is applied to verify the identities of users. However, most current authentication methods used in m-commerce are designed for wired networks and require high computation costs, making them unsuitable for wireless environments.A one-time password authentication scheme that uses lighter computation and considers the limitations of mobile devices is proposed in this paper. Meanwhile, the proposed scheme is free from replay attacks, server spoofing attacks, off-line dictionary attacks, active attacks, and revelation of message contents.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Chris J. Mitchell , Liqun Chen, Comments on the S/KEY user authentication scheme, ACM SIGOPS Operating Systems Review, v.30 n.4, p.12-16, Oct. 1996  [doi>10.1145/240799.240801]
 
2
N. M. Haller, "On Internet Authentication," RFC 1704, October 1994.
 
3
N. M. Haller, "The S/KEY One-Time Password System," RFC 1760, February 1995.
 
4
N. M. Haller, "A One-Time Password System," RFC 1938, May 1996.
 
5
P. Mackenzie and R. Swaminthan, "Secure Network Authentication with Password Identification," presented to the IEEE P1363 working group, 1999.
 
6
Sung-Ming Yen , Kuo-Hong Liao, Shared authentication token secure against replay and weak key attacks, Information Processing Letters, v.62 n.2, p.77-80, April 28, 1997  [doi>10.1016/S0020-0190(97)00046-X]
 
7
Ronald L. Rivest and Adi Shamir, "PayWord and MicroMint: Two Simple Micropayment Schemes," CryptoBytes, Vol. 2, No. 1, Spring 1996, pp. 7--11.
 
8
T. Wu, "The Secure Remote Password Protocol," in Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, San Diego, CA, March 1998, pp. 97--111.
 
9
T. C. Yeh, H. Y. Shen, J. J. Hwang, "A Secure One-Time Password Authentication Scheme Using Smart Cards," IEICE Transactions on Communications, Vol. E85, No. 11, 2002, pp. 2515--2518.

CITED BY
Makiko Aoyagi , Tsuyoshi Abe , Kenji Takahashi, Symmetric identity federation for fixed-mobile convergence, Proceedings of the 4th ACM workshop on Digital identity management, October 31-31, 2008, Alexandria, Virginia, USA

INDEX TERMS

Keywords:
authentication, off-line dictionary attack, one-time password, replay attack, server spoofing attack, smart card

Collaborative Colleagues:
Min-Hui Lin: colleagues
Chin-Chen Chang: colleagues

Peer to Peer - Readers of this Article have also read:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player