Analysis of Distinguishable Security between the One-Time Password Extraction Function Family and Random Function Family

Hyunki Kim; Okyeon Yi

doi:10.3390/app13158761

Applied Sciences (Jul 2023)

Analysis of Distinguishable Security between the One-Time Password Extraction Function Family and Random Function Family

Hyunki Kim,
Okyeon Yi

Affiliations

Hyunki Kim: Hyundai Autoever Co., Ltd., Platform Element Technology Team, 12, Teheran-ro 113-gil, Gangnam-gu, Seoul 06171, Republic of Korea
Okyeon Yi: Financial Information Security, Kookmin University, 77 Jeongneung-ro, Seongbuk-gu, Seoul 02707, Republic of Korea

DOI: https://doi.org/10.3390/app13158761
Journal volume & issue: Vol. 13, no. 15
p. 8761

Abstract

Read online

A one-time password is a security system that uses a password that is only used once for authentication, and it is commonly used in multi-factor authentication systems. The process of generating an OTP is very similar to generating pseudorandom sequences in cryptography. However, since only a part of the bit string is used in OTP, an algorithm is needed to extract that part. In addition, the OTP process also includes converting the value of the bit string value into decimal form for human perception. This paper focuses on analyzing the extraction function, which is the step before the hexadecimal is reprocessed into the decimal form. We analyze a function family, which includes functions used in the process of extracting a bit string in terms of distinguishable security. As a result, we conclude that the OTP extraction function family is vulnerable in terms of distinguishable security compared to the random function family.

Published in Applied Sciences

ISSN: 2076-3417 (Online)
Publisher: MDPI AG
Country of publisher: Switzerland
LCC subjects: Technology: Engineering (General). Civil engineering (General); Science: Biology (General); Science: Physics; Science: Chemistry
Website: http://www.mdpi.com/journal/applsci

About the journal

Abstract

Keywords