TBU Publications
Repository of TBU Publications
Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management
DSpace Repository
Contact Us | Language: čeština English
- DSpace Home
- →
- Článek ve sborníku
- →
- Fakulta aplikované informatiky
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| Title: | Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management |
| Author: | Drga, Jozef; Homoliak, Ivan; Vančo, Juraj; Vasilakos, Athanasios; Perešíni, Martin; Hanáček, Petr |
| Document type: | Conference paper (English) |
| Source document: | 2023 IEEE International Conference on Blockchain and Cryptocurrency, ICBC 2023. 2023 |
| ISBN: |
|
| DOI: | https://doi.org/10.1109/ICBC56567.2023.10174997 |
| Abstract: | This paper focuses on the problem of detection and prevention of stolen and misused secrets (such as private keys) for authentication toward centralized services. We propose a solution for this problem, based on SmartOTPs, the two-factor authentication scheme against the blockchain, which is intended for smart contract wallets and utilizes one-time passwords (OTPs). We modify SmartOTPs for our purposes and utilize them in the setting of two-and-a-half-factor authentication against a centralized service provider. Out of two and a half factors of our solution, the first factor stands for the private key, and the second and a half factor stands for OTPs and their precursors (a.k.a., pre-images), where OTPs are obtained from the precursors by cryptoaraphically secure hashing. We describe the protocol for bootstrapping our approach as well as the authentication procedure. In the case of stolen creden-tials from the client, we show that our solution enables the user to immediately detect it and proceed to re-initialization with fresh credentials. We utilize blockchain-based identity management and decentralized identities of users to simplify the overhead of the registration process and reinitialization. © 2023 IEEE. |
| Full text: | https://ieeexplore.ieee.org/document/10174997 |
| Show full item record | |
Files in this item
| Files | Size | Format | View |
|---|---|---|---|
|
There are no files associated with this item. |
|||
ČSN ISO 690:2011 citation
Citace článku v konferenčním sborníku:
DRGA, Jozef, Ivan HOMOLIAK, Juraj VANČO, Athanasios VASILAKOS, Martin PEREŠÍNI a Petr HANÁČEK. Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management. In: 2023 IEEE International Conference on Blockchain and Cryptocurrency, ICBC 2023 [online]. Dubai: Institute of Electrical and Electronics Engineers Inc., 2023 [cit. 2025-04-13]. Dostupné z: https://ieeexplore.ieee.org/document/10174997.
These citations are software generated and may contain errors. To verify accuracy, check the appropriate style guide.
DRGA, Jozef, Ivan HOMOLIAK, Juraj VANČO, Athanasios VASILAKOS, Martin PEREŠÍNI a Petr HANÁČEK. Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management. In: 2023 IEEE International Conference on Blockchain and Cryptocurrency, ICBC 2023 [online]. Dubai: Institute of Electrical and Electronics Engineers Inc., 2023 [cit. 2025-04-13]. Dostupné z: https://ieeexplore.ieee.org/document/10174997.
These citations are software generated and may contain errors. To verify accuracy, check the appropriate style guide.
Related articles
Except where otherwise noted, this item's license is described as Attribution 4.0 International
