E-commerce based on Internet is gradually becoming a new mode for commercial activities and the greatest misgiving of enterprises to conduct e-commerce is safety. One-time password (OTP) scheme can help to solves password problems such as password conjecture and wiretapping, which occurs by repeatedly using the same password. The S/KEY one-time password system is one of most popular authentication schemes, however it can not withstand small integer attack. This work illustrates as well as discusses of the S/KEY based authentication schemes with their pros and cons. This paper suggests an improved one-time password system based on bidirectional virtual authorization in mobile application systems. Our proposed Scheme can defend copy attacks, replay attacks, integer attack and Brnte-Force Attack..
Ye, Xi,Gao, Ming,Jiang, Jing. A Practical OTP Authentication System and its Application in Mobile Commerce[C].
LOS ALAMITOS:IEEE COMPUTER SOC,2012:87-91.
修改评论