Abstract
This paper will analyse the current landscape of One Time Password (OTP) and Challenge-Response algorithms. It will detail the technical and security differences between algorithms such as the OATH algorithms (HOTP, OCRA, HOTP time based), EMV CAP and the proprietary algorithms from ActivIdentity. The paper describes the most common use cases and applicability as important tools for identity assurance in the financial and e-government industry sectors. It also outlines observed trends in current usage and future trends providing the audience with the valuable information to make a more informed choice in their identity assurance challenges.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
OATH, “Initiative for Open Authentication”, http://www.openauthentication.org/
IETF, “HOTP: An HMAC-Based One-Time Password Algorithm”, http://www.rfc-archive.org/getrfc.php?rfc=4226
IETF, “OCRA: OATH Challenge-Response Algorithms”, http://www.ietf.org/internet-drafts/draftmraihi-mutual-oath-hotp-variants-07.txt
IETF, “TOTP: Time-based One-time Password Algorithm”, http://www.ietf.org/internet-drafts/draftmraihi-totp-timebased-00.txt
MasterCard International Incorporated, “Chip Authentication Program — Functional Architecture”, September 2004
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2009 Vieweg+Teubner | GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Hoyer, P. (2009). OTP and Challenge/Response algorithms for financial and e-government identity assurance: current landscape and trends. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2008 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9283-6_29
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9283-6_29
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-0660-4
Online ISBN: 978-3-8348-9283-6
eBook Packages: Computer ScienceComputer Science (R0)