OTP on Demand - An Embedded System for User Authentication

Abstract

Security plays a vital role in the world of communication. In applications such as banking, making access to any personal resource of an individual via wireless media requires the validation of authorized user at every moment. Static passwords have been in use which is vulnerable to attacks such as reply attack. One Time Password (OTP) is a particular kind of password that is valid only for only one login session or transaction. OTP provides a secure way for user authentication as it becomes invalid when used beyond the prescribed time frame. High level of randomness is the significant property required for OTPs. True randomness can be generated from real-world parameters that can produce unpredictable variations in its output. This paper presents an embedded hardware OTP generation system based on remote request via DTMF signals. The proposed hardware uses a confluence of real-world parameters and software-based chaotic function on an embedded platform for OTP generation. The proposed system also facilitates change in the generation of OTPs via discretionary external inputs from users.