Abstract
We consider the extension of the Lamport-like one-time password scheme proposed at BWCCA2017. In our new method, the act of authentication is performed by disclosing the digest values linked to the nodes located higher than the digests of the leaf node of the hash chain, just like as the Lamports’ authentication method. In the tree structure like as Merkle tree in which there are multiple nodes disclosed at authentication phase, the prover can transmit secret data to the verifier by changing the disclosure order. This paper adopts a model that embeds information in the “edge having a node to be disclosed”, sets up a kind of optimization problem, and discusses efficiency from concrete toy case examples with small depths of Merkle tree.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
NIST Special Publication 800-63-3, Digital Identity Guidelines. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-63-3.pdf
ITU-T Recommendation X.509 | ISO/IEC 9594-8, Information Technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks (2016)
Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)
Haller, N.: The S/KEY One-Time Password System. http://tools.ietf.org/html/rfc1760
IIJ, Internet Infrastructure Review Vol.25, 1.4.3 The Status of List-Based Attacks and Their Countermeasures. https://www.iij.ad.jp/en/company/development/iir/pdf/iir_vol25_infra_EN.pdf
National Police Agency, Status of Incidents of Illegal Remittance Related to Internet Banking in 2014, February 2015 (in Japanese). http://www.npa.go.jp/cyber/pdf/H270212_banking.pdf
Trend Micro Security Blog, Analyzing digital certificate theft attacks targeting corporate net banking. http://blog.trendmicro.co.jp/archives/9417
Haller, N., et al.: A One-Time Password System. http://tools.ietf.org/html/rfc2289
M’Raihi, D., et al.: HOTP: An HMAC-Based One-Time Password Algorithm. http://tools.ietf.org/html/rfc4226
M’Raihi, D., et al.: TOTP: Time-Based One-Time Password Algorithm. http://tools.ietf.org/html/rfc6238
Suga, Y.: Sausage-style one-time authentication schemes. In: Proceedings of the 12th International Conference on Broad-Band Wireless Computing, Communication and Applications (BWCCA-2017), pp. 658–667 (2017)
Merkle, R.: Secrecy, authentication and public key systems. A certified digital signature. Ph.D. dissertation, Dept. of Electrical Engineering, Stanford University (1979)
Szydlo, M.: Merkle Tree Traversal in Log Space and Time. In: EUROCRYPT 2004 (2004)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2019 Springer Nature Switzerland AG
About this paper
Cite this paper
Suga, Y. (2019). Formulation of Information Hiding Model for One-Time Authentication Methods Using the Merkle Tree. In: Barolli, L., Xhafa, F., Khan, Z., Odhabi, H. (eds) Advances in Internet, Data and Web Technologies. EIDWT 2019. Lecture Notes on Data Engineering and Communications Technologies, vol 29. Springer, Cham. https://doi.org/10.1007/978-3-030-12839-5_33
Download citation
DOI: https://doi.org/10.1007/978-3-030-12839-5_33
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-12838-8
Online ISBN: 978-3-030-12839-5
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)