Cargando…
P/Key: PUF based second factor authentication
One-time password (OTP) mechanisms are widely used to strengthen authentication processes. In time-based one-time password (TOTP) mechanisms, the client and server store common secrets. However, once the server is compromised, the client’s secrets are easy to obtain. To solve this issue, hash-chain-...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
Public Library of Science
2023
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9910660/ https://www.ncbi.nlm.nih.gov/pubmed/36758004 http://dx.doi.org/10.1371/journal.pone.0280181 |
| _version_ | 1784884829971546112 |
|---|---|
| author | Uysal, Ertan Akgün, Mete |
| author_facet | Uysal, Ertan Akgün, Mete |
| author_sort | Uysal, Ertan |
| collection | PubMed |
| description | One-time password (OTP) mechanisms are widely used to strengthen authentication processes. In time-based one-time password (TOTP) mechanisms, the client and server store common secrets. However, once the server is compromised, the client’s secrets are easy to obtain. To solve this issue, hash-chain-based second-factor authentication protocols have been proposed. However, these protocols suffer from latency in the generation of OTPs on the client side because of the hash-chain traversal. Secondly, they can generate only a limited number of OTPs as it depends on the length of the hash-chain. In this paper, we propose a second-factor authentication protocol that utilizes Physically Unclonable Functions (PUFs) to overcome these problems. In the proposed protocol, PUFs are used to store the secrets of the clients securely on the server. In case of server compromise, the attacker cannot obtain the seeds of clients’ secrets and can not generate valid OTPs to impersonate the clients. In the case of physical attacks, including side-channel attacks on the server side, our protocol has a mechanism that prevents attackers from learning the secrets of a client interacting with the server. Furthermore, our protocol does not incur any client-side delay in OTP generation. |
| format | Online Article Text |
| id | pubmed-9910660 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2023 |
| publisher | Public Library of Science |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-99106602023-02-10 P/Key: PUF based second factor authentication Uysal, Ertan Akgün, Mete PLoS One Research Article One-time password (OTP) mechanisms are widely used to strengthen authentication processes. In time-based one-time password (TOTP) mechanisms, the client and server store common secrets. However, once the server is compromised, the client’s secrets are easy to obtain. To solve this issue, hash-chain-based second-factor authentication protocols have been proposed. However, these protocols suffer from latency in the generation of OTPs on the client side because of the hash-chain traversal. Secondly, they can generate only a limited number of OTPs as it depends on the length of the hash-chain. In this paper, we propose a second-factor authentication protocol that utilizes Physically Unclonable Functions (PUFs) to overcome these problems. In the proposed protocol, PUFs are used to store the secrets of the clients securely on the server. In case of server compromise, the attacker cannot obtain the seeds of clients’ secrets and can not generate valid OTPs to impersonate the clients. In the case of physical attacks, including side-channel attacks on the server side, our protocol has a mechanism that prevents attackers from learning the secrets of a client interacting with the server. Furthermore, our protocol does not incur any client-side delay in OTP generation. Public Library of Science 2023-02-09 /pmc/articles/PMC9910660/ /pubmed/36758004 http://dx.doi.org/10.1371/journal.pone.0280181 Text en © 2023 Uysal, Akgün https://creativecommons.org/licenses/by/4.0/This is an open access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/) , which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited. |
| spellingShingle | Research Article Uysal, Ertan Akgün, Mete P/Key: PUF based second factor authentication |
| title | P/Key: PUF based second factor authentication |
| title_full | P/Key: PUF based second factor authentication |
| title_fullStr | P/Key: PUF based second factor authentication |
| title_full_unstemmed | P/Key: PUF based second factor authentication |
| title_short | P/Key: PUF based second factor authentication |
| title_sort | p/key: puf based second factor authentication |
| topic | Research Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9910660/ https://www.ncbi.nlm.nih.gov/pubmed/36758004 http://dx.doi.org/10.1371/journal.pone.0280181 |
| work_keys_str_mv | AT uysalertan pkeypufbasedsecondfactorauthentication AT akgunmete pkeypufbasedsecondfactorauthentication |