For Libraries For Publication Open Access Downloads About Us Contact Us
Paper Titles
Research of Business Process Intelligent Building and Optimization Platform Base on SOA
p.576
Study on ASP-Based Anti-Spam Management System
p.581
Application of High Performance Parallel Computing Based on GPU
p.585
Research on Web Dynamic Ontology Construction Based on Concept Lattice
p.589
Research and Design on an Improved TOTP Authentication
p.595
Design and Realization of Network Security Defense Architecture of Medical Information Integration Platform
p.600
Detecting Application-Layer Attacks Based on User's Application-Layer Behaviors
p.607
Network Security Situation Awareness Model Based on Multi-Period Assessment
p.613
Secure Transfer Protocol Research and Design Based on the Internet of Things
p.619

Research and Design on an Improved TOTP Authentication

Article Preview

Abstract:

HOTP generation algorithm has safety risks because the counter is easily predicted. This paper describes TOTP generation algorithm which make the counter replace with timer, and makes an improved authentication method according to Three-Protocol of HOTP authentication method based on TOTP. The improved authentication method use an authentication number threshold and a timestamp to resist brute force attacks and replay attacks, use a random number and the MD5 encryption resist Man-in-the-Middle attack. Finally, a safe and useful Web authentication system is designed by PHP language.

You might also be interested in these eBooks
Information Technology Applications in Industry II View Preview

Info:

Periodical:

Applied Mechanics and Materials (Volumes 411-414)

Pages:

595-599

DOI:

https://doi.org/10.4028/www.scientific.net/AMM.411-414.595

Citation:

Cite this paper

Online since:

September 2013

Authors:

Jian Xun Zhao

Keywords:

Attacks, Authentication, HOTP, TOTP, Web

Export:

RIS, BibTeX

Price:

Permissions CCC:

Request Permissions

Permissions PLS:

Request Permissions

Сopyright:

© 2013 Trans Tech Publications Ltd. All Rights Reserved

Share:

Citation:

References

[1] D. M'Raihi,M. Bellare,F. Hoornaert, et al. HOTP: An HMAC-Based One-Time Password Algorithm[EB/OL]. http: /www. apps. ietf. org/rfc/rfc4226. html. 2005-11.

DOI: 10.17487/rfc4226

Google Scholar

[2] D. M'Raihi,S. Machani,M. Pei, et al. TOTP: Time-based One-time Password Algorithm [EB/OL]. http: /tools. ietf. org/html/rfc6238. 2011-8.

DOI: 10.17487/rfc6238

Google Scholar

[3] H. Krawczyk,M. Bellare,R. Canetti. HMAC: Keyed-Hashing for Message Authentication[EB/OL]. http: /www. ietf. org/rfc/rfc2104. txt. 1997-2.

DOI: 10.17487/rfc2104

Google Scholar

[4] N. Popp,D. M'raihi,L. Hart. One time password [P]. USA:20090313687, 2009-12-17.

Google Scholar

[5] David G.W. Birch. Digital identity management[M]. London: Gower Publishing, Ltd. 2007-5: 113-118.

Google Scholar

[6] Yanzhen. The Research of Interaction Design Patterns and Design Methods on Rich Internet Application User Interface[D]. DongHua University, (2011).

Google Scholar

© 2025 Trans Tech Publications Ltd. All rights are reserved, including those for text and data mining, AI training, and similar technologies. For open access content, terms of the Creative Commons licensing CC-BY are applied.
Scientific.Net is a registered trademark of Trans Tech Publications Ltd.