DocumentCode :
3538533
Title :
Inherent vulnerabilities of one-time passcode mechanisms
Author :
Cullen, Cindy
Author_Institution :
Bellcore, Red Bank, NJ, USA
fYear :
1995
fDate :
16-19 Oct 1995
Firstpage :
184
Lastpage :
186
Abstract :
Traditional user identification and authentication mechanisms are no longer considered adequate protection due to the sophistication of hackers and hacker tools. One-time passcode mechanism are becoming commonly used. However, these mechanisms do have vulnerabilities that should be considered when evaluating a product. This paper covers two vulnerabilities, a passive attack used when a one-time passcode card is in two databases and an active attack of masquerading as a one-time passcode server to steal the information to be able to masquerade as a user
Keywords :
security of data; authentication; hacker tools; hackers; one-time passcode mechanisms; one-time passcode server; passive attack; user identification; vulnerabilities; Authentication; Authorization; Computer hacking; Databases; Debugging; Monitoring; Operating systems; Personnel; Protection; Robustness;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Local Computer Networks, 1995., Proceedings. 20th Conference on
Conference_Location :
Minneapolis, MN
ISSN :
0742-1303
Print_ISBN :
0-8186-7162-9
Type :
conf
DOI :
10.1109/LCN.1995.527343
Filename :
527343
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=3538533
بازگشت