• DocumentCode
    3538533
  • Title

    Inherent vulnerabilities of one-time passcode mechanisms

  • Author

    Cullen, Cindy

  • Author_Institution
    Bellcore, Red Bank, NJ, USA
  • fYear
    1995
  • fDate
    16-19 Oct 1995
  • Firstpage
    184
  • Lastpage
    186
  • Abstract
    Traditional user identification and authentication mechanisms are no longer considered adequate protection due to the sophistication of hackers and hacker tools. One-time passcode mechanism are becoming commonly used. However, these mechanisms do have vulnerabilities that should be considered when evaluating a product. This paper covers two vulnerabilities, a passive attack used when a one-time passcode card is in two databases and an active attack of masquerading as a one-time passcode server to steal the information to be able to masquerade as a user
  • Keywords
    security of data; authentication; hacker tools; hackers; one-time passcode mechanisms; one-time passcode server; passive attack; user identification; vulnerabilities; Authentication; Authorization; Computer hacking; Databases; Debugging; Monitoring; Operating systems; Personnel; Protection; Robustness;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Local Computer Networks, 1995., Proceedings. 20th Conference on
  • Conference_Location
    Minneapolis, MN
  • ISSN
    0742-1303
  • Print_ISBN
    0-8186-7162-9
  • Type

    conf

  • DOI
    10.1109/LCN.1995.527343
  • Filename
    527343
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=3538533