Presentation	2002/11/7 An Impersonation Attack on One-Time Password Authentication Protocol OSPA Takasuke TSUJI, Akihiro SHIMIZU,
PDF Download Page	PDF download Page Link
Abstract(in Japanese)	(See Japanese page)
Abstract(in English)	User authentication is necessary on the Internet and mobile communications to stand on legal user's rights. One-time password authentication methods change verifier every time by sending the present verifier with next verifier. However, such methods risk impersonation attack because those protocols use two verifiers every session. The OSPA (Optimal Strong-Password Authentication) method is a one-time password method which prevents stolen-verifier problems, replay attacks, and denial of service attack, but we are working to prevent impersonation attacks on OSPA systems. In this paper, we discuss how to break down the OSPA method.
Keyword(in Japanese)	(See Japanese page)
Keyword(in English)	cryptography / hash function / password authentication / one-time password
Paper #	ISEC2002-81
Date of Issue

Conference Information
Committee	ISEC
Conference Date	2002/11/7(1days)
Place (in Japanese)	(See Japanese page)
Place (in English)
Topics (in Japanese)	(See Japanese page)
Topics (in English)
Chair
Vice Chair
Secretary
Assistant

Paper Information
Registration To	Information Security (ISEC)
Language	ENG
Title (in Japanese)	(See Japanese page)
Sub Title (in Japanese)	(See Japanese page)
Title (in English)	An Impersonation Attack on One-Time Password Authentication Protocol OSPA
Sub Title (in English)
Keyword(1)	cryptography
Keyword(2)	hash function
Keyword(3)	password authentication
Keyword(4)	one-time password
1st Author's Name	Takasuke TSUJI
1st Author's Affiliation	Kochi University of Technology()
2nd Author's Name	Akihiro SHIMIZU
2nd Author's Affiliation	Kochi University of Technology
Date	2002/11/7
Paper #	ISEC2002-81
Volume (vol)	vol.102
Number (no)	436
Page	pp.pp.-
#Pages	6
Date of Issue