Data Protection and Security

VII

Identification and Entity Authentication

VII.III

Authentication Protocols

One-time password schemes:

The general idea is to use each password only once, so that an eavesdropped password is of no use for impersonation. In chapter 3, we saw hash chain based one-time password (OTP) schemes. In the bigger picture, we can identify three variations of OTP schemes:

  • OTP sequences based on a hash chain (Lamport’s scheme).
  • Shared lists of OTPs: here, in the registration phase, the user and the server agree not on a single password but on a list of passwords and on the order in which the passwords in the list are used. When all OTPs are exhausted, the registration phase must be repeated.
  • Sequentially updated OTPs: now only one password is shared initially. When this password is spent, the hash value of the next password to be used is sent to the server together with it. If the password is correct, the server replaces the hashed password entry of that user in its password file with the hash value he/she has just sent. This procedure can be repeated indefinitely.
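The following is an added example (not part of the lecture notes) that implements two of the three variations above in Python: a Lamport hash chain OTP and the sequentially updated OTP. SHA-256 is assumed as the one-way hash, the server's "password file" is a dictionary keyed by user name, and the class and function names are chosen for this illustration only. The constructed demo at the end registers a user, performs successful logins, and shows that a replayed (already spent) password is rejected by the server in both schemes.

```python
import hashlib
import secrets


def h(data: bytes) -> bytes:
    """One-way hash assumed for the schemes (SHA-256 here; an assumption)."""
    return hashlib.sha256(data).digest()


# ---- Variation 1: OTP sequence based on a hash chain (Lamport) -------------

def hash_chain(seed: bytes, n: int) -> list:
    """Return [seed, h(seed), h(h(seed)), ..., h^n(seed)] (n+1 values)."""
    chain = [seed]
    for _ in range(n):
        chain.append(h(chain[-1]))
    return chain


class LamportServer:
    def __init__(self):
        self.entries = {}  # user -> [last accepted chain value, logins left]

    def register(self, user: str, anchor: bytes, n: int) -> None:
        # The server stores only the chain tip h^n(seed), never the seed.
        self.entries[user] = [anchor, n]

    def login(self, user: str, value: bytes) -> bool:
        entry = self.entries.get(user)
        if entry is None or entry[1] == 0:
            return False  # unknown user or chain exhausted
        anchor, remaining = entry
        # The i-th password is the preimage of the stored value.
        if not secrets.compare_digest(h(value), anchor):
            return False
        self.entries[user] = [value, remaining - 1]  # a spent value is never valid again
        return True


# ---- Variation 3: sequentially updated OTPs --------------------------------

class SequentialOtpServer:
    def __init__(self):
        self.password_file = {}  # user -> hash of the password expected next

    def register(self, user: str, first_password_hash: bytes) -> None:
        self.password_file[user] = first_password_hash

    def login(self, user: str, password: bytes, next_password_hash: bytes) -> bool:
        stored = self.password_file.get(user)
        if stored is None:
            return False
        if not secrets.compare_digest(h(password), stored):
            return False
        # Password spent: replace the entry with the hash the user just sent.
        self.password_file[user] = next_password_hash
        return True


class SequentialOtpClient:
    def __init__(self, user: str):
        self.user = user
        self.current = secrets.token_bytes(16)  # the one password shared initially

    def registration_hash(self) -> bytes:
        return h(self.current)

    def login_message(self) -> tuple:
        """Spend the current password and send the hash of a fresh next one."""
        nxt = secrets.token_bytes(16)
        msg = (self.user, self.current, h(nxt))
        self.current = nxt
        return msg


def demo(n: int = 5) -> dict:
    """Constructed run of both schemes; returns the accept/reject outcomes."""
    # Lamport: client keeps the chain, server gets the tip and the count.
    chain = hash_chain(secrets.token_bytes(16), n)
    lam = LamportServer()
    lam.register("alice", chain[n], n)
    lamport_ok = [lam.login("alice", chain[n - i]) for i in range(1, n + 1)]
    lamport_replay = lam.login("alice", chain[0])  # chain exhausted / replay

    # Sequentially updated: one password at a time, each carrying the next hash.
    srv = SequentialOtpServer()
    cli = SequentialOtpClient("bob")
    srv.register("bob", cli.registration_hash())
    first = cli.login_message()
    seq_first = srv.login(*first)
    seq_replay = srv.login(*first)          # same password again: rejected
    seq_second = srv.login(*cli.login_message())

    return {
        "lamport_ok": lamport_ok,
        "lamport_replay": lamport_replay,
        "seq_first": seq_first,
        "seq_replay": seq_replay,
        "seq_second": seq_second,
    }


if __name__ == "__main__":
    print(demo())
```

Note that in the sequentially updated scheme the server never learns the next password itself, only its hash, so the password file still contains no plaintext; the entry is simply rewritten on every successful login, which is why the procedure needs no re-registration.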

VII.III.I Q

What is the security drawback of sequentially updated OTPs?
