Secure Seed-Based Sturdy OTP via Convenient Carry-on Device

  • Ashok Kumar Mohan
  • T. Gireesh Kumar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 324)


The Internet users for the purpose of easy memorizing select a weak password and reuse it along many Web sites vulnerable to password stealing and reuse due to rapid growth of cloud computing. Sturdy one-time password (S-OTP) provides with easy remembrance and prevention of password reuse using personal Android mobile phone without the necessity of sending an SMS and can be integrated into any original user authentication system without contradicting the overall security. Also, in the worst cases, if the mobile phones are stolen, it is made unfeasible by means of two-dimensional SHA3 and MD5 forward hashing with unique and secure hard-coded seed information from mobile device.


Sturdy one-time password Two-dimensional SHA3 and MD5 Dynamic keypad lock OTP TOTP 


  1. 1.
    S. Indu, T.N. Sathya, V. Saravana Kumar, A stand-alone and SMS-based approach for authentication using mobile phone: IEEE Trans. (2013)Google Scholar
  2. 2.
    J.-Y. Hu, C.-C. Sueng et al., Android-based mobile payment service protected by 3-factor authentication and virtual private ad hoc networking, pp. 111–116 (2012)Google Scholar
  3. 3.
    Y.-W. Kao, G.-H. Luo, H.-T. Lin et al., Physical access control based on QR code, in IEEE. 2011 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (2011), pp. 285–288Google Scholar
  4. 4.
    A.A. Khan, Preventing phishing attacks using one time password and user machine identification. Int. J. Comput. Appl. (2013)Google Scholar
  5. 5.
    C.-I. Fan, C.-N. Wu et al., Active One-Time Password Mechanism for User Authentication (Springer, Berlin, 2013), pp. 464–471Google Scholar
  6. 6.
    Artan Luma, Betim Prevalla et al., LumaCert: conception and creation of new digital certificate for online user authentication in e-Banking systems. World Acad. Sci. Eng. Technol. 78, 1333–1391 (2013)Google Scholar
  7. 7.
    M.H. Eldefrawy, M.K. Khan, K. Alghathbar, One-Time Password System with Infinite Nested Hash Chains, vol. 122, CCIS (Springer, Berlin, 2010), pp. 161–170Google Scholar
  8. 8.
    V.P Thakur, K.N. Hande, Hash based dynamic password authentication mechanism for kerberos environment. IJERT,, pp. 2278–0181 (2013)
  9. 9.
    W. Jang, S. Cho et al., User-Oriented Pseudo Biometric Image Based One-Time Password Mechanism on Smart Phone, vol. 199 (Springer, Berlin, 2011), pp. 49–58Google Scholar
  10. 10.
    X. Liu, Y. Shen et al., A fingerprint-based user authentication protocol with one-time password for wireless sensor networks (2013)Google Scholar

Copyright information

© Springer India 2015

Authors and Affiliations

  1. 1.TIFAC CORE in Cyber SecurityAmrita Vishwa Vidyapeetham UniversityCoimbatoreIndia

Personalised recommendations