A One-Time Password Authentication Scheme for Secure Remote Access in Intelligent Home Networks

  • Ilsun You
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4252)


One of the important services that intelligent home networks provide is to remotely control home appliances in home network. However, the remote control service causes intelligent home networks to have various security threats. Thus, for the service, intelligent home networks should provide strong security services, especially user authentication. In this paper, we provide a public key based one-time password authentication scheme for secure remote access in intelligent home networks. To provide 2-factor strong authentication conveniently and cost effectively, we adopt and enhance YEH-SHEN-HWANG’s authentication scheme. Since our scheme uses a server-side public key to addresses the vulnerabilities of YEH-SHEN-HWANG’s scheme, it can securely perform user authentication, server authentication and session key distribution without any pre-shared secret, while defending against server compromise.


Smart Card Authentication Scheme Registration Stage Server Spoof Attack Authentication Stage 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Sun, H.: Home Networking. Mitsubishi Electric Research Laboratories (2004),
  2. 2.
    Yeh, T.C., Shen, H.Y., Hwang, J.J.: A Secure One-Time Password Authentication Scheme Using Smart Cards. IEICE Transaction on Communication E85-B(11), 2515–2518 (2002)Google Scholar
  3. 3.
    Haller, N., Metz, C., Nesser, P., Straw, M.: A one-time password system, RFC 2289 (February 1998)Google Scholar
  4. 4.
    Haller, N.: The S/KEY one-time password, RFC 1760 (February 1995)Google Scholar
  5. 5.
    Mitchell, C.J., Chen, L.: Comments on the S/KEY user authentication scheme. ACM Operating Systems Review 30(4), 12–16 (1996)CrossRefGoogle Scholar
  6. 6.
    Yen, S.M., Liao, K.H.: Shared Authentication Token Secure against Replay and Weak Key Attacks. Information Processing Letters 62, 77–80 (1997)CrossRefMathSciNetGoogle Scholar
  7. 7.
    You, I., Cho, K.: Comments on YEH-SHEN-HWANG’s One-Time Password Authentication Scheme. IEICE Transaction on Communication E88-B(2), 751–753 (2005)CrossRefGoogle Scholar
  8. 8.
    Denning, D., Sacco, G.: Timestamps in Key Distribution Systems. Communications of the ACM 24(8), 533–536 (1981)CrossRefGoogle Scholar
  9. 9.
    Kim, S., Kim, B., Park, S., Yen, S.: Comments on Password-Based Private Key Download Protocol of NDSS 1999. Electronics Letters 35(22), 1937–1938 (1999)CrossRefGoogle Scholar
  10. 10.
    Ku, W.C., Chen, C.M., Lee, H.L.: Cryptoanalysis of a Variant of Peyravian-Zunic’s Password Authentication Scheme. IEICE Transaction on Communication E86-B(5), 1682–1684 (2003)Google Scholar
  11. 11.
    You, I., Cho, K.: A S/KEY Based Secure Authentication Protocol Using Public Key Cryptography. The KIPS Transactions: Part C 10-C(6) (2003)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Ilsun You
    • 1
  1. 1.Department of Information ScienceKorean Bible UniversitySeoulSouth Korea

Personalised recommendations