An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree
The Time-based One-Time Password (TOTP) algorithm is commonly used for two-factor authentication. In this algorithm, a shared secret is used to derive a One-Time Password (OTP). However, in TOTP, the client and the server need to agree on a shared secret (i.e., a key). As a consequence, an adversary...
Main authors: | Yin, Xinming; He, Junhui; Guo, Yi; Han, Dezhi; Li, Kuan-Ching; Castiglione, Arcangelo |
---|---|
Format: | Online Article Text |
Language: | English |
Published: | MDPI 2020 |
Subjects: | |
Online access: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7599477/ https://www.ncbi.nlm.nih.gov/pubmed/33050225 http://dx.doi.org/10.3390/s20205735 |
_version_ | 1783602884203511808 |
---|---|
author | Yin, Xinming He, Junhui Guo, Yi Han, Dezhi Li, Kuan-Ching Castiglione, Arcangelo |
author_facet | Yin, Xinming He, Junhui Guo, Yi Han, Dezhi Li, Kuan-Ching Castiglione, Arcangelo |
author_sort | Yin, Xinming |
collection | PubMed |
description | The Time-based One-Time Password (TOTP) algorithm is commonly used for two-factor authentication. In this algorithm, a shared secret is used to derive a One-Time Password (OTP). However, in TOTP, the client and the server need to agree on a shared secret (i.e., a key). As a consequence, an adversary can construct an OTP through the compromised key if the server is hacked. To solve this problem, Kogan et al. proposed T/Key, an OTP algorithm based on a hash chain. However, the efficiency of OTP generation and verification is low in T/Key. In this article, we propose a novel and efficient Merkle tree-based One-Time Password (MOTP) algorithm to overcome such limitations. Compared to T/Key, this proposal reduces the number of hash operations to generate and verify the OTP, at the cost of small server storage and tolerable client storage. Experimental analysis and security evaluation show that MOTP can resist leakage attacks against the server and bring a tiny delay to two-factor authentication and verification time. |
format | Online Article Text |
id | pubmed-7599477 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2020 |
publisher | MDPI |
record_format | MEDLINE/PubMed |
spelling | pubmed-75994772020-11-01 An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree Yin, Xinming He, Junhui Guo, Yi Han, Dezhi Li, Kuan-Ching Castiglione, Arcangelo Sensors (Basel) Article The Time-based One-Time Password (TOTP) algorithm is commonly used for two-factor authentication. In this algorithm, a shared secret is used to derive a One-Time Password (OTP). However, in TOTP, the client and the server need to agree on a shared secret (i.e., a key). As a consequence, an adversary can construct an OTP through the compromised key if the server is hacked. To solve this problem, Kogan et al. proposed T/Key, an OTP algorithm based on a hash chain. However, the efficiency of OTP generation and verification is low in T/Key. In this article, we propose a novel and efficient Merkle tree-based One-Time Password (MOTP) algorithm to overcome such limitations. Compared to T/Key, this proposal reduces the number of hash operations to generate and verify the OTP, at the cost of small server storage and tolerable client storage. Experimental analysis and security evaluation show that MOTP can resist leakage attacks against the server and bring a tiny delay to two-factor authentication and verification time. MDPI 2020-10-09 /pmc/articles/PMC7599477/ /pubmed/33050225 http://dx.doi.org/10.3390/s20205735 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
spellingShingle | Article Yin, Xinming He, Junhui Guo, Yi Han, Dezhi Li, Kuan-Ching Castiglione, Arcangelo An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title | An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title_full | An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title_fullStr | An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title_full_unstemmed | An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title_short | An Efficient Two-Factor Authentication Scheme Based on the Merkle Tree |
title_sort | efficient two-factor authentication scheme based on the merkle tree |
topic | Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7599477/ https://www.ncbi.nlm.nih.gov/pubmed/33050225 http://dx.doi.org/10.3390/s20205735 |