Vulnerabilities Analysis of the OTP Implemented on a PC

Woo Chan Hong; Kwang Woo Lee; Seung Joo Kim; Dong Ho Won

Vulnerabilities Analysis of the OTP Implemented on a PC

The KIPS Transactions:PartC, Vol. 17, No. 4, pp. 361-370, Aug. 2010

10.3745/KIPSTC.2010.17.4.361, PDF Download:

Abstract

OTP(One Time Password) is a user authentication using secure mechanism to authenticate each other in a way to generate a password, an attacker could intercept the password to masquerade as legitimate users is a way to prevent attacks. The OTP can be implemented as H/W or S/W. Token and card type OTP, implemented as H/W, is difficult to popularize because of having problem with deployment and usability. As a way to replace it implemented as S/W on Mobile or PC is introduced. However, S/W products can be target of malicious attacks if S/W products have vulnerability of implementation. In fact, FSA said the OTP implemented on a mobile have vulnerability of implementation. However, the OTP implemented on a PC have no case about analysis of vulnerability. So, in this paper derive security review and vulnerabilities analysis of implemented on a PC.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

W. C. Hong, K. W. Lee, S. J. Kim, D. H. Won, "Vulnerabilities Analysis of the OTP Implemented on a PC," The KIPS Transactions:PartC, vol. 17, no. 4, pp. 361-370, 2010. DOI: 10.3745/KIPSTC.2010.17.4.361.

[ACM Style]

Woo Chan Hong, Kwang Woo Lee, Seung Joo Kim, and Dong Ho Won. 2010. Vulnerabilities Analysis of the OTP Implemented on a PC. The KIPS Transactions:PartC, 17, 4, (2010), 361-370. DOI: 10.3745/KIPSTC.2010.17.4.361.