Abstract
To reduce the damage of phishing and spyware attacks, banks, governments, and other security-sensitive industries are deploying one-time password systems, where users have many passwords and use each password only once. If a single password is compromised, it can be only be used to impersonate the user once, limiting the damage caused. However, existing practical approaches to one-time passwords have been susceptible to sophisticated phishing attacks.
We give a formal security treatment of this important practical problem. We consider the use of one-time passwords in the context of password-authenticated key exchange (PAKE), which allows for mutual authentication, session key agreement, and resistance to phishing attacks. We describe a security model for the use of one-time passwords, explicitly considering the compromise of past (and future) one-time passwords, and show a general technique for building a secure one-time-PAKE protocol from any secure PAKE protocol. Our techniques also allow for the secure use of pseudorandomly generated and time-dependent passwords.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abdalla, M., Chevassut, O., Pointcheval, D.: One-time verifier-based encrypted key exchange. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 47–64. Springer, Heidelberg (2005)
Babbage, S., Catalano, D., Cid, C., Dunkelman, O., Gehrmann, C., Granboulan, L., Lange, T., Lenstra, A., Nguyen, P.Q., Paar, C., Pelzl, J., Pornin, T., Preneel, B., Rechberger, C., Rijmen, V., Robshaw, M., Rupp, A., Smart, N., Ward, M.: ECRYPT yearly report on algorithms and keysizes (2007–2008) (July 2008), http://www.ecrypt.eu.org/documents/D.SPA.28-1.1.pdf
Bellare, M., Pointcheval, D., Rogaway, P.: Authenticated key exchange secure against dictionary attacks. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 139–155. Springer, Heidelberg (2000)
Bellare, M., Rogaway, P.: Random oracles are practical: a paradigm for designing efficient protocols. In: Proc. 1st ACM Conference on Computer and Communications Security (CCS), pp. 62–73. ACM, New York (1993)
Bellovin, S.M., Merritt, M.: Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Proceedings of the 1992 IEEE Computer Society Conference on Research in Security and Privacy. IEEE, Los Alamitos (May 1992)
Bellovin, S.M., Merritt, M.: Augmented encrypted key exchange: a password-based protocol secure against dictionary attacks and password file compromise. In: Proc. 1st ACM Conference on Computer and Communications Security (CCS), pp. 244–250. ACM, New York (1993)
Blizzard Entertainment: Blizzard authenticator (2009), http://eu.blizzard.com/support/article.xml?locale=en_GB&articleId=28152
Boyko, V., MacKenzie, P., Patel, S.: Provably secure Password-Authenticated Key exchange using Diffie-Hellman. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 156–171. Springer, Heidelberg (2000)
Chevassut, O., Siebenlist, F., Helm, M.: Secure (one-time-) password authentication for the Globus toolkit. In: GlobusWorld Conference (February 2005), http://acs.lbl.gov/Projects/OPKeyX/Talks/GlobusWorld05/GlobusWorld05.html
F-Secure: Weblog: More on international phishing (October 2005), http://www.f-secure.com/weblog/archives/00000689.html
Fang, L., Meder, S., Chevassut, O., Siebenlist, F.: Secure password-based authenticated key exchange for web services. In: Proc. 2004 Workshop on Secure Web Service (SWS), pp. 9–15. ACM, New York (2004)
Gentry, C., MacKenzie, P., Ramzan, Z.: PAK-Z+ contribution to the IEEE P1363-2000 study group for Future PKC Standards (August 2005), http://grouper.ieee.org/groups/1363/WorkingGroup/presentations/pakzplusv2.pdf ;
Goldreich, O., Goldwasser, S., Micali, S.: How to construct random functions. Journal of the ACM 33(4), 792–807 (1986)
Haller, N.: The S/KEY one-time password system. RFC 1760 (February 1995), http://www.ietf.org/rfc/rfc1760.txt
Haller, N., Metz, C., Nesser II, P.J., Straw, M.: A one-time password system. RFC 2289 (February 1998), http://www.ietf.org/rfc/rfc2289.txt
Kaufman, C.: Internet Key Exchange (IKEv2) protocol. RFC 4306 (2005), http://www.ietf.org/rfc/rfc4306.txt
Kumar, S., Sing, A.: One time password in IKE version 2, non-EAP based (November 2008) (internet-Draft), http://tools.ietf.org/id/draft-sunabhi-otp-ikev2-03.txt
MacKenzie, P.: The PAK suite: Protocols for password-authenticated key exchange. Tech. Rep. 2002-46, DIMACS Center, Rutgers University (2002), http://dimacs.rutgers.edu/TechnicalReports/abstracts/2002/2002-46.html
Mobile-OTP Project: Mobile one time passwords, http://motp.sourceforge.net/
Nationwide Building Society: Card reader security (May 2009), http://www.nationwide.co.uk/rca/
Nordea Bank: Netbank security (2009), http://www.nordea.ee/Private+customers/E-channels++Netbank/Netbank/Netbank+Security/936612.html
Paterson, K.G., Stebila, D.: One-time-password-authenticated key exchange (full version), http://eprint.iacr.org/2009/430
Nystroem, M.: The EAP protected one-time password protocol (EAP-POTP). RFC 4793 (February 2007), http://www.ietf.org/rfc/rfc4793.txt
Prigg, M.: The new credit card with keypad that promises to fight online fraud (November 2008) (The Daily Mail Online), http://www.dailymail.co.uk/sciencetech/article-1085642/The-new-credit-card-keypad-promises-fight-online-fraud.html?ITO=1490
RSA Security Inc.: RSA SecurID (2009), http://www.rsa.com/node.aspx?id=1156
Shoup, V.: On formal models for secure key exchange (version 4) (November 1999), http://shoup.net/papers/skey.pdf , earlier version appeared as Report RZ 3120, IBM Research (April 1999), http://www.zurich.ibm.com/security/publications/1999/Shoup99.ps.gz
Stebila, D.: Classical Authenticated Key Exchange and Quantum Cryptography. Ph.D. thesis, University of Waterloo (2009), http://www.douglas.stebila.ca/research/papers/ste09/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Paterson, K.G., Stebila, D. (2010). One-Time-Password-Authenticated Key Exchange. In: Steinfeld, R., Hawkes, P. (eds) Information Security and Privacy. ACISP 2010. Lecture Notes in Computer Science, vol 6168. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-14081-5_17
Download citation
DOI: https://doi.org/10.1007/978-3-642-14081-5_17
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-14080-8
Online ISBN: 978-3-642-14081-5
eBook Packages: Computer ScienceComputer Science (R0)