All

What are you looking for?

All
Projects
Results
Organizations

Quick search

  • Projects supported by TA ČR
  • Excellent projects
  • Projects with the highest public support
  • Current projects

Smart search

  • That is how I find a specific +word
  • That is how I leave the -word out of the results
  • “That is how I can find the whole phrase”

Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management

The result's identifiers

  • Result code in IS VaVaI

    <a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216305%3A26230%2F23%3APU149341" target="_blank" >RIV/00216305:26230/23:PU149341 - isvavai.cz</a>

  • Result on the web

    <a href="http://dx.doi.org/10.1109/ICBC56567.2023.10174997" target="_blank" >http://dx.doi.org/10.1109/ICBC56567.2023.10174997</a>

  • DOI - Digital Object Identifier

    <a href="http://dx.doi.org/10.1109/ICBC56567.2023.10174997" target="_blank" >10.1109/ICBC56567.2023.10174997</a>

Alternative languages

  • Result language

    angličtina

  • Original language name

    Detecting and Preventing Credential Misuse in OTP-Based Two and Half Factor Authentication Toward Centralized Services Utilizing Blockchain-Based Identity Management

  • Original language description

    This paper focuses on the problem of detection and prevention of stolen and misused secrets (such as private keys) for authentication toward centralized services. We propose a solution for this problem, based on SmartOTPs, the two-factor authentication scheme against the blockchain, which is intended for smart contract wallets and utilizes one-time passwords (OTPs). We modify SmartOTPs for our purposes and utilize them in the setting of two-and-a-half-factor authentication against a centralized service provider. Out of two and a half factors of our solution, the first factor stands for the private key, and the second and a half factor stands for OTPs and their precursors (a.k.a., pre-images), where OTPs are obtained from the precursors by cryptoaraphically secure hashing. We describe the protocol for bootstrapping our approach as well as the authentication procedure. In the case of stolen creden-tials from the client, we show that our solution enables the user to immediately detect it and proceed to re-initialization with fresh credentials. We utilize blockchain-based identity management and decentralized identities of users to simplify the overhead of the registration process and reinitialization.

  • Czech name

  • Czech description

Classification

  • Type

    D - Article in proceedings

  • CEP classification

  • OECD FORD branch

    10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Result continuities

  • Project

    <a href="/en/project/8A21012" target="_blank" >8A21012: Distributed Artificial Intelligent Systems</a><br>

  • Continuities

    P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Others

  • Publication year

    2023

  • Confidentiality

    S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Data specific for result type

  • Article name in the collection

    2023 IEEE International Conference on Blockchain and Cryptocurrency (ICBC)

  • ISBN

    979-8-3503-1019-1

  • ISSN

  • e-ISSN

  • Number of pages

    4

  • Pages from-to

    1-4

  • Publisher name

    Institute of Electrical and Electronics Engineers

  • Place of publication

    Dubai

  • Event location

    Dubaj

  • Event date

    May 1, 2023

  • Type of event by nationality

    WRD - Celosvětová akce

  • UT code for WoS article

    001032797100118