The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Menggunakan konsep kata laluan sekali sahaja yang hebat, skim pengesahan sehala S/Key yang digunakan secara meluas memberikan perlindungan yang baik terhadap serangan ulangan. Dalam kertas ini, S/key dipertingkatkan untuk menjamin transaksi dalam persekitaran kritikal. Skim yang dicadangkan adalah bebas daripada sebarang serangan spoofing pelayan, serangan pramain dan serangan kamus luar talian. Kunci sesi di sini juga diwujudkan untuk memberikan kerahsiaan. Selain itu, kesederhanaan dan kecekapan diambil kira dari sudut pandangan pengguna. Kad pintar digunakan untuk memudahkan proses log masuk pengguna dan hanya fungsi cincang digunakan untuk mengekalkan kecekapannya. Oleh itu, skim yang dicadangkan selepas ini mampu membina perisai yang lebih selamat untuk transaksi sensitif seperti perbankan dalam talian atau perdagangan dalam talian dalam bon dan sekuriti.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Salinan
Tzu-Chang YEH, Hsiao-Yun SHEN, Jing-Jang HWANG, "A Secure One-Time Password Authentication Scheme Using Smart Cards" in IEICE TRANSACTIONS on Communications,
vol. E85-B, no. 11, pp. 2515-2518, November 2002, doi: .
Abstract: Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.
URL: https://global.ieice.org/en_transactions/communications/10.1587/e85-b_11_2515/_p
Salinan
@ARTICLE{e85-b_11_2515,
author={Tzu-Chang YEH, Hsiao-Yun SHEN, Jing-Jang HWANG, },
journal={IEICE TRANSACTIONS on Communications},
title={A Secure One-Time Password Authentication Scheme Using Smart Cards},
year={2002},
volume={E85-B},
number={11},
pages={2515-2518},
abstract={Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.},
keywords={},
doi={},
ISSN={},
month={November},}
Salinan
TY - JOUR
TI - A Secure One-Time Password Authentication Scheme Using Smart Cards
T2 - IEICE TRANSACTIONS on Communications
SP - 2515
EP - 2518
AU - Tzu-Chang YEH
AU - Hsiao-Yun SHEN
AU - Jing-Jang HWANG
PY - 2002
DO -
JO - IEICE TRANSACTIONS on Communications
SN -
VL - E85-B
IS - 11
JA - IEICE TRANSACTIONS on Communications
Y1 - November 2002
AB - Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.
ER -