We found a match
Your institution may have rights to this item. Sign in to continue.
- Title
An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree.
- Authors
Yin, Xinming; He, Junhui; Guo, Yi; Han, Dezhi; Li, Kuan-Ching; Castiglione, Arcangelo
- Abstract
The Time-based One-Time Password (TOTP) algorithm is commonly used for two-factor authentication. In this algorithm, a shared secret is used to derive a One-Time Password (OTP). However, in TOTP, the client and the server need to agree on a shared secret (i.e., a key). As a consequence, an adversary can construct an OTP through the compromised key if the server is hacked. To solve this problem, Kogan et al. proposed T/Key, an OTP algorithm based on a hash chain. However, the efficiency of OTP generation and verification is low in T/Key. In this article, we propose a novel and efficient Merkle tree-based One-Time Password (MOTP) algorithm to overcome such limitations. Compared to T/Key, this proposal reduces the number of hash operations to generate and verify the OTP, at the cost of small server storage and tolerable client storage. Experimental analysis and security evaluation show that MOTP can resist leakage attacks against the server and bring a tiny delay to two-factor authentication and verification time.
- Subjects
MULTI-factor authentication; COMPUTER access control; ALGORITHMS; KEY agreement protocols (Computer network protocols); TREES; PROBLEM solving; HASHING
- Publication
Sensors (14248220), 2020, Vol 20, Issue 20, p5735
- ISSN
1424-8220
- Publication type
Article
- DOI
10.3390/s20205735