One-time Password Research Articles

EVALUATING THE EFFECTIVENESS OF MULTI-FACTOR AUTHENTICATION IN MITIGATING CYBER THREATS IN DIGITAL BANKING PLATFORM IN GHANA

With the rapid growth of digital banking platforms in Ghana, cyber threats have become a major concern for financial institutions and consumers alike. Multi-Factor Authentication (MFA) has emerged as a critical security measure to protect sensitive financial data and prevent unauthorized access to digital banking systems. This study aims to evaluate the effectiveness of MFA in mitigating cyber threats within the Ghanaian digital banking ecosystem. The research investigates how various MFA methods, including SMS-based one-time passwords (OTPs), biometric verification, and hardware tokens, contribute to enhancing the security posture of banks operating in Ghana. Through a combination of quantitative data analysis and expert interviews, the study examines the extent to which MFA reduces risks such as phishing attacks, account takeovers, and unauthorized transactions. It also explores the user experience and adoption challenges associated with MFA, including its impact on customer convenience and trust. By analysing real-world cyber incidents in Ghanaian banks, the study identifies gaps in current MFA implementations and suggests areas for improvement. The findings reveal that while MFA significantly lowers the risk of cyberattacks, factors such as user education, infrastructure reliability, and the sophistication of cybercriminals impact its overall effectiveness. The study concludes with policy recommendations for financial institutions, suggesting a more layered approach to security, the integration of advanced authentication techniques, and the importance of fostering user awareness to combat evolving cyber threats in Ghana's digital banking sector.

Permutation-Based Hash Chains with Application to Password Hashing

Hash chain based password systems are a useful way to guarantee authentication with one-time passwords. The core idea dates back to Lamport, and is specified in RFC 1760 as S/Key. At CCS 2017, Kogan et al. introduced T/Key, an improved password system where one-time passwords are only valid for a limited time period. They proved security of their construction in the random oracle model under a basic modeling of the adversary. In this work, we make various advances in the analysis and instantiation of hash chain based password systems. Firstly, we describe a slight abstraction called U/Key that allows for more flexibility in the instantiation and analysis, and we develop a security model that refines the adversarial strength into offline and online complexity, that can be used beyond the random oracle model, and that allows to argue multi-user security directly. Secondly, we derive a new security proof of U/Key in the random oracle model, as well as dedicated and tighter security proofs of U/Key instantiated with a sponge construction and a truncated permutation. These dedicated security proofs, in turn, solve a problem of understanding the preimage resistance of a cascaded evaluation of the sponge construction. When applied to T/Key, these results improve significantly over the earlier results: whereas the originally suggested instantiation using SHA-256 uses a compression function that maps 768 bits into 256 bits, with a truncated permutation construction one can generically achieve 128 bits of security already with a permutation of size 256 bits.

User Authentication System Using Python

User authentication is a critical component in ensuring the security and privacy of digital systems. This paper User authentication is a critical component in ensuring the security and privacy of digital systems. This paper explores the implementation of user authentication explores the implementation of user authentication systems using Python, a versatile and widely-used systems using Python, a versatile and widely used programming language. With its robust libraries and frame works, Python provides a comprehensive eco system for designing, developing, and deploying secure authentication mechanisms. The study focuses on the practical implementation of authentication methods, including password-based systems, two-factor authentication (2FA), and biometrics integration. Python libraries such as Flask and Django are employed to create backend systems, while libraries liked crypt and pass lib are utilized for hashing and securing passwords. The integration of 2FA is demonstrated using PyOTP, which facilitates one-time password generation to enhance security. This paper also highlights the role of JSON Web Tokens (JWT) in enabling secure, stateless user sessions, making them suitable for modern web and mobile applications. Python's inter operability with biometric authentication systems is explored through the use of APIs and machine learning libraries, providing a foundation for advanced authentication mechanisms. The proposed authentication system is evaluated for its security, scalability, and ease of implementation, offering insights into best practices for minimizing vulnerabilities such as brute force attacks and data breaches. Additionally, the paper emphasizes the importance of encrypting sensitive user data during transmission using libraries like cryptography and SSL/TLS protocols. In conclusion, the paper demonstrates Python's potential to implement secure, flexible, and scalable user authentication systems suitable for diverse applications. It serves as a guide for developers and researchers aiming to enhance the security of their systems through robust authentication techniques. Programming language with its robust libraries and frameworks, Python provides a comprehensive eco system for designing, developing, and deploying secure authentication mechanisms. The study focuses on the practical implementation of authentication methods, including password-based systems, two-factor authentication (2FA), and biometrics integration. Python libraries such as Flask and Django are employed to create backend systems, while libraries like bcrypt and passlib are utilized for hashing and securing passwords. The integration of 2FA is demonstrated using PyOTP, which facilitates one-time password generation to enhance security.

EVALUATING THE IMPACT OF MULTI FACTOR AUTHENTICATION ON CYBERSECURITY EFFECTIVENESS

In today's digital age, the convenience of online financial transactions is accompanied by rising cybersecurity risks. The shift to digital platforms for conducting daily financial activities has significantly exposed customers to cyber threats. These threats often result from unauthorized access, phishing attacks, and fraud attempts by cybercriminals. Ensuring the security of these transactions is crucial to maintain users' trust and to protect sensitive financial data. This study proposes a comprehensive security framework to strengthen the safety of online financial transactions, using a combination of multi-factor authentication (MFA) and a machine learning-based fraud detection system, termed "E-cyberboost." The framework operates on two primary layers, each designed to address a different aspect of security: identity verification and real-time fraud detection. The first layer involves multi-factor authentication, where users must verify their identity. This layer typically combines something the user knows (like a password) with something they have (such as a one-time password or OTP sent to their mobile device) or something they are (such as fingerprint or facial recognition). MFA significantly reduces unauthorized access by ensuring that even if one authentication factor is compromised, additional verification is required to gain access. The second layer introduces an advanced machine-learning component. Named "E-cyberboost," this machine learning model actively monitors ongoing transactions, detecting patterns that may indicate fraudulent activity. If the system identifies any unusual or suspicious transaction behaviour, it immediately triggers a security response, such as additional user verification or temporarily blocking the transaction. This proactive approach allows the system to address potential fraud in real time, adapting to evolving threats by learning from previous incidents and continuously improving its detection accuracy. By combining the preventive measures of MFA with the responsive capabilities of machine learning, this framework provides robust security against both common and sophisticated cyber threats. The study discusses the methodology, implementation, and effectiveness of this layered approach in reducing the risk of unauthorized transactions and protecting users' financial information. The proposed framework aims to enhance trust in online financial platforms and ensure a safer digital transaction experience for users. Index Terms—Multifactor authentication, machine learning, fraud detection, E-cyberboost

Three Layered Bank Locker Security System

The three layered bank locker security system consists of iris scanning, fingerprint scanning and one time password (OTP) generation. The iris and fingerprint for every person is unique.No two persons in this world have identical iris or fingerprint. There is need of proper authentication to access crucial data in some cases. With the help of this system, unauthorized entry of a person can be stopped. By using this process we can avoid unauthorized entry in authorized areas like bank locker, in military base stations security, criminal identification, security system in R&D labs etc. The process of checking each & every persons ID manually by security guard is very difficult and also a time consuming process so, to solve all these problems we use smart locker system. The three layered bank locker security system is user friendly system. With the help of this security system we can make bank lockers more secure

An introduction to using QR codes in web portals for synchronizing calendar events over phones

An optical label with machine-readable information about the object it is attached to is called a quick response (QR) code. QR codes frequently hold information for a tracker, locator, or identifier that directs users to a website or application. To efficiently store data, a QR code has four standardized encoding modes: kanji, byte or binary, alphanumeric, and numeric. As a means of identifying a wide range of commercial goods, including transactions, ads, and other public notices, the QR code gained popularity. In our web portal, the proposed QR code model synchronizes all the event details synchronously in the mobile calendar. QR code is used for web-to-mobile data transfer, saving events or meeting details in the mobile calendar. Anyone with a smartphone can view the data encoded in a QR code by scanning it. Although it makes it easier for end users to decode QR codes, verifying access to the encoded data is a cause for worry. Our proposed model validates access to data through the QR code, allowing only authorized personnel to access data. To ensure accessibility control, the proposed model has the functionality of a one-time password (OTP) that enhances application security. The model achieved an average decoding speed of 157 milliseconds with an error rate of 0.38%.

MENGADOPSI KODE OTP UNTUK MEMVERIFIKASI AKUN APLIKASI WHATSAPP DAN EMAIL

Usernames and passwords as authentication requirements for a system that are used repeatedly can make account security on that system vulnerable to data theft. Digital application access security is increasingly important, especially with the increase in cyber-attacks against login systems that use statistical passwords. One-Time Password (OTP) is one of the popular security solutions to enhance the login verification layer. This research aims to implement an OTP system on the WhatsApp and email applications as an authentication method. The method used is through experimental web-based application development by sending WhatsApp OTP and email and users are required to verify their identity using the code. Testing was carried out on 10 users by dividing them into two groups who received authentication via WhatsApp and email. The research results show that implementing OTP has succeeded in reducing the risk of unauthorized access by up to 80%. Thus, it is hoped that the use of OTP will effectively increase the security of the login process without involving the user. Thus, it is hoped that this research can contribute to better passcode security.

LightAuth: A Lightweight Sensor Nodes Authentication Framework for Smart Health System

ABSTRACTCounterfeit medical devices pose a threat to patient safety, necessitating a secure device authentication system for medical applications. Resource‐constrained sensory nodes are vulnerable to hacking, prompting the need for robust security measures. Token‐based authentication schemes, such as one‐time passwords (OTPs), smart cards, key fobs, and mobile authentication apps, along with certificate‐based authentication methods, such as client and code‐signing, employ cryptographic frameworks like elliptical curve cryptography (ECC) and physical unclonable functions (PUF). However, these methods face challenges, including block sequence issues and susceptibility to side‐channel attacks. To address these issues, we propose a framework for mutual authentication using private Ethereum. This framework integrates private Ethereum and cryptographic techniques for encrypting and decrypting data using mathematical algorithms to overcome block sequence issues and side‐channel attacks. Similarly, fog nodes are utilised to enhance local computing, storage, and networking capabilities for sensors. The framework is evaluated using metrics such as communication costs, execution costs, and computation costs based on Ethereum gas consumption. The performance of the LightAuth framework is compared with that of the Smart Contracts Against Counterfeit IoMT (SCACIoMT) framework, designed for Internet of Medical Things (IoMT) devices. The effectiveness of LightAuth is verified through formal security analysis using BAN logic.

Maintaining Integrity and Confidentiality of Patients’ Records Using an Enhanced Security Technique

Medical record storage on paper is currently being phased out and replaced by more sophisticated Electronic Health Record (EHR) systems. However, the ease of access to data and the digitization of medical records also come with the potential of misuse of personally identifiable information and healthcare data breaches. How technology will protect patient privacy is one of the primary concerns about EHRs. Network connectivity is another major issue, therefore keeping private health information online may expose it to major information leaks to external parties. Around the world, data management and privacy are major concerns. The main concerns that prevent businesses from using cloud computing are security and information authenticity, as they fear that data may be lost to unauthorized parties. The quantity of patient-oriented data in the healthcare system is continuously increasing, and the current medical systems are confronted with security issues such as weak access control, data breaches or unauthorized disclosure, and insufficient authorization and authentication. An Enhanced Security Model was created in this study to secure and protect Electronic Health Records. The records were encrypted for security and privacy utilizing the Advanced Encryption Standard (AES), One Time Password (OTP), and National Identity Number (NIN). The system was designed using Object Oriented Analysis and Design Methodology (OOADM). The New System improved patient record security by utilizing NIN for cloud identity management, OTP for authentication, and AES for privacy and security. While the MySQL server was used to implement the database, HTML, CSS, PHP, and JavaScript were used to program the system. Comparing the new system to the old system, the results of the performance assessment analysis based on security, user-friendliness, dependability, and privacy show that the new system has very good performance efficiency and integrity.

2-D Threshold Hyperchaotic Map and Application in Timed One-Time Password

2-D Threshold Hyperchaotic Map and Application in Timed One-Time Password

Heuristic machine learning approaches for identifying phishing threats across web and email platforms.

Life has become more comfortable in the era of advanced technology in this cutthroat competitive world. However, there are also emerging harmful technologies that pose a threat. Without a doubt, phishing is one of the rising concerns that leads to stealing vital information such as passwords, security codes, and personal data from any target node through communication hijacking techniques. In addition, phishing attacks include delivering false messages that originate from a trusted source. Moreover, a phishing attack aims to get the victim to run malicious programs and reveal confidential data, such as bank credentials, one-time passwords, and user login credentials. The sole intention is to collect personal information through malicious program-based attempts embedded in URLs, emails, and website-based attempts. Notably, this proposed technique detects URL, email, and website-based phishing attacks, which will be beneficial and secure us from scam attempts. Subsequently, the data are pre-processed to identify phishing attacks using data cleaning, attribute selection, and attacks detected using machine learning techniques. Furthermore, the proposed techniques use heuristic-based machine learning to identify phishing attacks. Admittedly, 56 features are used to analyze URL phishing findings, and experimental results show that the proposed technique has a better accuracy of 97.2%. Above all, the proposed techniques for email phishing detection obtain a higher accuracy of 97.4%. In addition, the proposed technique for website phishing detection has a better accuracy of 98.1%, and 48 features are used for analysis.

Testing the limits of SPDM: Authentication of intermittently connected devices

The Security Protocol and Data Model (SPDM) is an open standard for authentication, attestation, and key exchange among hardware units, such as CPUs and peripheral components. In principle, SPDM was designed to operate over a somewhat stable communication channel, meaning that connection losses usually require the re-execution of the entire protocol. This puts into question SPDM’s suitability for battery-powered devices, which may keep only intermittent communications aiming to save energy. To address this question, we evaluate different authentication approaches that build upon and extend SPDM’s native key bootstrapping capabilities to handle intermittent authentication. In particular, we show that the combination of SPDM and a Time-based One-Time Password (TOTP) protocol is a promising solution for this scenario. We analyze the performance of the proposed authentication schemes using a proof-of-concept virtual device. The TOTP-based scheme was shown to be the fastest, the reconnection step being at least twice and up to 900× faster than possible straightforward applications of SPDM. Also, our scheme requires less memory to operate. Finally, we discuss the possibility of integrating intermittent authentication capabilities into the SPDM standard itself.

Enhanced Privacy-Preserving Federated Learning with Exit Tolerance and Verifiable Aggregation

With the escalating importance of data privacy, Federated Learning (FL) has drawn significant attention as a machine learning framework that facilitates collaborative model training among multiple users without the need for direct data sharing. This paper presents an enhanced Federated Learning scheme designed to bolster user privacy protection while maintaining the efficiency and performance of model training. Our approach integrates the use of random seeds and One-Time Password (OTP) technology to reinforce data encryption, and employs an advanced masking mechanism coupled with bilinear pairing for verification, thereby enhancing the security of the aggregation process. Additionally, our design accommodates user exits during the training process without compromising the overall training outcome. Through rigorous experimental analysis, we have demonstrated the effectiveness of our scheme, showcasing its acceptable computational and communication overheads. This research introduces a novel solution to privacy preservation challenges in Federated Learning, laying a solid foundation for the advancement of related technologies.

Internship management system with passwordless authentication for university stakeholders

Conventional account credentials that include a password are becoming obsolete due to their limitations and susceptibility to cyber threats. This demands using alternative authentication methods that eliminate the risks of breaches and phishing. This paper discusses the integration of passwordless authentication into an electronic document management system (EDMS). The authentication method used in the system utilizes a Time-Based One-Time Password (TOTP), which operates security keys in the form of one-time passwords (OTP) that are sent to the users via email, short message service (SMS), or mobile application. The TOTP algorithm is used in the system, allowing time value as a moving factor. The Rapid Application Development (RAD) model was used in the system development and ISO 25010 was used in the evaluation. The sample size of the respondents for the acceptance testing was determined using Krejcie and Morgan’s formula. The research sample involves 10 information technology experts, one on-the-job training (OJT) coordinator, three OJT advisers, and 244 OJT students. Based on the results, the system was rated outstanding (system evaluation=4.66; acceptance evaluation=4.34), implying that the system met its requirements and that passwordless authentication was proven to increase the security of the developed system. This outcome serves as the basis for integrating passwordless authentication into various systems.

VISUAL CRYPTOGRAPHY WITH COLOR IMAGE ENCRYPTION VIA IMPROVED ELLIPTIC CURVE CRYPTOGRAPHY (ECC) AND OTP GENERATION: SELF-IMPROVED GOLD RUSH OPTIMIZATION ALGORITHM FOR OPTIMAL KEY GENERATION

Visual Cryptography is a cryptographic technique that involves encrypting images in such a way that decryption can be performed visually without the need for complex computations. This technique holds significant importance in secure image sharing, as it ensures that sensitive visual information remains confidential during transmission. Recognizing this significance, a novel approach named Self-Improved Gold Rush Optimization (SIGRO)-based Visual Cryptography has been proposed in this research. This approach encompasses two main phases: Embedding and Extraction. It involves encrypting three original images and two secret images using various encryption techniques such as Random grid-based secret image sharing, Extended Visual Cryptography Scheme (EVCS), and Kronecker product-based encryption, along with the integration of security measures like Modified HMAC-based One-Time Password generation technique (MHOTP) for Improved Elliptic Curve Cryptography (IECC)-based encryption and Baker's map-based encryption. In Kronecker product-based encryption stage, the SIGRO algorithm is utilized to generate optimal keys for encryption purposes. The SIGRO algorithm is proposed as a well-versed approach than the conventional Gold Rush Optimization (GRO) algorithm, incorporating three key enhancements. These enhancements significantly contribute to the efficacy and reliability of the SIGRO algorithm in generating optimal keys for Kronecker product-based encryption. Furthermore, the IECC-based encryption utilizes the MHOTP generation technique, where the OTPs generated by this technique serve as the keys for this encryption stage, enhancing the ECC algorithm into an IECC algorithm. The decryption process involves reversing the steps applied during various encryption stages. This proposed approach's significance lies in its ability to enhance security through a combination of encryption methods and security measures.

Leveraging quantum uncertainty: Quantum randomness through the lens of classical communication networks

The generation of random numbers and the study of its properties have been an elusive field for a fair portion of the century. The application of random numbers is employed in many use cases such as cryptography, neural networks, numerical simulation, and gambling. The performance of each of these use cases is profoundly impacted by the employed random numbers; henceforth, the quality of randomness is of critical importance when it comes to their usage. A poorly generated random number can make a security system vulnerable, or any numerical or statistical evaluation misleading. Although various modes of classical random number generators exist and still function to provide strong cryptographic properties, emergence of quantum mechanical randomness has shed light on a novel path of generating certified randomness which supersedes the classical counterpart in terms of security. Harnessing quantum mechanical phenomena enables generation of true random numbers which can be certified and further implemented to elevate the net quality of the specific use cases. In this work, we generate and analyze random numbers from three different sources — 50: 50 beam splitter (BS), quantum key distribution (QKD) setup with classical post-processing scheme, and a commercially available quantum random number generator (QRNG) (ID Quantique (IDQ)). The quality of the generated random numbers from the various sources is checked in statistical tests and compared. Further on, we have developed a system which implements the QRNG-based random numbers to facilitate message authentication code (MAC) and one time password (OTP) protocols, demonstrating a communication network application. In this manner we discuss about a network which integrates quantum mechanics to the current classical networking approaches to enhance certain aspects of the networking protocol — in this case, the security.

Implementing a Three-Step Security Protocol for Advanced Online Election Systems: A Novel Approach

Organization of voting is the strength of character of all equalitarianism and system. Our country utilize an offline voting systems that are incompetent and disorganized by cause of the demand for abundant man power, and more refinement time for announcement outcome. Our Online Voting System aims at minimizing the division between traditional voting methods by facilitating and updating them. Our system makes it possible for voters to vote their favorable candidates from home through safe and stable online voting. By integrating India's Aadhaar card system and implementing OTPs (One Time Passwords) for better security, ensure a resilient and trustworthy voting process with full integrity. Once they login, voters are led through a strict authentication rules that checks for the genuineness of their ID cards before allowing them to continue. This comprehensive verification mechanism provides that only individuals who meet the requirements are able to participate thereby considerably decreasing the chance for electoral fraud. In addition to that, we also ensure that the system gives space to vote in secret and the votes are protected using strong cryptography measures. Our platform aims at fulfilling this object by leveraging advanced technologies. In this regard, we work towards a better and more egalitarian and democratic electoral system.

PENGAMANAN DATA EKSTENSI FILE PDF DENGAN ALGORITMA AES DAN OTP

The rapid development of technology presents new challenges in maintaining data security and privacy, especially concerning the security and confidentiality of documents that are vulnerable to eavesdropping and theft. Cryptography is the art and science of maintaining the confidentiality of messages using mathematical techniques related to data security, such as privacy, data integrity, and authentication. Cryptography can be applied in various sectors to enhance data security and protect sensitive information from risks such as unauthorized access, theft, and misuse of personal data. For instance, PDFs, which are digital document formats, are often used for various purposes, such as online applications, registrations, and digital transactions. AES (Advanced Encryption Standard) is a widely used encryption algorithm for protecting data, and the use of OTP (One Time Password) is a security technique that requires two different steps of verification to access a system. The AES algorithm provides strong security by utilizing complex transformations that make it very difficult to break, and the addition of OTP further enhances data security before it is returned to its original form.

Quantum-attack-resilience OTP-based multi-factor mutual authentication and session key agreement scheme for mobile users

Due to rapid advancements in hardware and mobile communication technologies, the usage of various mobile-based online applications is increasing tremendously. However, security and privacy are two of the most essential features of wireless communication. Using a Mutual Authentication and Session Key Agreement (MASK) scheme, an authorized mobile user can login to a remote server over the Internet. In quantum contexts, many of the MASK schemes are not secure. This paper proposes a One-Time Password (OTP) and biometric-based Multi-Factor MASK (OTP-MF-MASK) scheme for mobile users. We used Peikert’s authentication and reconciliation mechanism, defined for the post-quantum environments. The OTP-MF-MASK scheme used a password, mobile device, biometric, and OTP as login credentials. To avoid the biometric acquisition problem, we used the fuzzy extractor in the OTP-MF-MASK scheme. We proved that the OTP-MF-MASK scheme is semantically secure in the Random Oracle Model (ROM) based on the hardness assumption of the Ring Learning With Errors (RLWE) problem. The OTP-MF-MASK scheme is compared with state-of-the-art schemes to justify the attack-resilience and computation efficiencies in quantum environments.

Automated Fee Payment Systems in ATM Enhancing Security & Efficiency Through OTP Verification

This paper explores the integration of automated fee payment systems in ATMs, focusing on the use of One- Time Password (OTP) verification to enhance transaction security and efficiency. The system allows users to authenticate their identity through an ID card, enter a unique Zero Payment Reference Number (ZPRN), and deposit the required fee. The ATM then sends an OTP to the user’s registered mobile number, which the user must enter to complete the transaction. This method prevents unauthorized transactions, even if the ID card and ZPRN are compromised. The paper examines the design and implementation of these systems, their advantages, and challenges. It highlights how OTP verification increases security and user confidence, making ATMs a more reliable option for complex financial transactions. Additionally, it discusses the potential for future enhancements such as biometric authentication and blockchain technology to further improve ATM security and efficiency. Despite challenges like technical issues and the need for user education, the benefits of automated fee payment systems with OTP verification make them a significant advancement in financial technology.