One Time Password Generation based on Random Permutation using User Identity with Timestamp

Shakir M H Al-Farraji,Huda Saadeh

doi:10.35940/ijeat.d7019.049420

Abstract

A password is a string of alphanumeric elements that is used mainly to authenticate user identity in order to give permission gaining access to the computer resources that should be secured from any unauthorized access. For this reason, password need to be kept secure among different types of attack. One way to increase the security of gaining access to any computer resources is the using of one-time password as a two-factor authentication which is generated for using it only one time. In this paper, we introduced a new method to generate a one-time password that depends on the user identity such as user account name or password and the timestamp. This information is gathered to make a string that will be used to generate a random permutation of a given size. The process of generating random permutation is a one-way hashing method. From the generated random permutation, the one-time password is constructed with a flexibility of having different size as needed.

Highlights

Using internet applications either through PCs, Servers, Mobile devices or any other internet connected devices is massively increased in the few past years [1], [2]
This paper focuses on a new method for generating a powerful and secured One Time Password (OTP) that can be used in any application needs authentication
The same data given above concerning the user account name, permutation size, and OTP size are used in 10 different times generate different OTPs as shown in table II

Summary

Introduction

Using internet applications either through PCs, Servers, Mobile devices or any other internet connected devices is massively increased in the few past years [1], [2]. Some of these applications are public and do not influence their users with regards to security breaches. Granting user to access any type of service needs to check his/her account name and password in order to protect unauthorized individuals from gaining access to the service. These checking mechanisms are usually known as authentication [3]. Authentication process is a key factor in maintaining system’s and user’s security by limiting systems and services access to legitimate authorized users, and preventing intruders from disclosing systems’ information, user’s privacy or performing various types of attacks [4]

Methods

Results

Conclusion