Securing One Time Password (OTP) for Multi-Factor Out-of-Band Authentication through a 128-bit Blowfish Algorithm

Abstract

Authentication and cryptography have been used to address security issues on various online services. However, researchers discovered that even the most commonly used multi-factor out-of-band authentication mechanism was vulnerable to attacks and traditional crypto-algorithms were characterized to have some drawbacks making it crucial to choose desirable algorithms for a particular purpose. This study introduces an innovative modification of the Blowfish algorithm designed to capitalize on its strengths but supports 128-bits block size text input using dynamic selection encryption method and reduction of cipher function execution through randomly determined rounds. Experimentation results on 128-bit input text revealed significant performance improvements with utmost 5.91 % in terms of avalanche effect, 38.97 % for integrity, and 41.02 % in terms of execution time. Results also showed that the modification introduced extra security layer, thus, displaying higher complexity and stronger diffusion at faster execution time making it more difficult and complex for an unauthorized individual to decipher the information and desirable to be used for applications with multiple users respectively. This is a good contribution to the continuous developments in the field of information security particularly in cryptography and towards providing a secure OTP for multifactor out-of-band authentication.