Time-based OTP authentication via secure tunnel (TOAST): A mobile TOTP scheme using TLS seed exchange and encrypted offline keystore
Title | Time-based OTP authentication via secure tunnel (TOAST): A mobile TOTP scheme using TLS seed exchange and encrypted offline keystore |
Publication Type | Conference Paper |
Year of Publication | 2014 |
Authors | Uymatiao, M.L.T., Yu, W.E.S. |
Conference Name | Information Science and Technology (ICIST), 2014 4th IEEE International Conference on |
Date Published | April |
Keywords | authentication, authorisation, BC UBER keystore, cryptographic standards, cryptography, cryptosystems development, encrypted offline keystore, Google, IETF RFC 6239 standard, Mobile communication, mobile TOTP scheme, multifactor authentication, multifactor authentication cryptosystem, one-time password, password-protected keystore, PBEWithSHAANDTwofish-CBC function, Radiation detectors, secure tunnel, security requirements, Servers, software-based token, strong key derivation function, time-based OTP authentication, TLS seed exchange, TOAST scheme, TOTP algorithm, Transport Layer Security, Web protocols |
Abstract | The main objective of this research is to build upon existing cryptographic standards and web protocols to design an alternative multi-factor authentication cryptosystem for the web. It involves seed exchange to a software-based token through a login-protected Transport Layer Security (TLS/SSL) tunnel, encrypted local storage through a password-protected keystore (BC UBER) with a strong key derivation function (PBEWithSHAANDTwofish-CBC), and offline generation of one-time passwords through the TOTP algorithm (IETF RFC 6239). Authentication occurs through the use of a shared secret (the seed) to verify the correctness of the one-time password used to authenticate. With the traditional use of username and password no longer wholly adequate for protecting online accounts, and with regulators worldwide toughening up security requirements (i.e. BSP 808, FFIEC), this research hopes to increase research effort on further development of cryptosystems involving multi-factor authentication. |
DOI | 10.1109/ICIST.2014.6920371 |
Citation Key | 6920371 |