A secure one-time password authentication scheme using smart cards

Tzu Chang Yeh*, Hsiao Yun Shen, Jing Jang Hwang

*Corresponding author for this work

Research output: Contribution to journalJournal Article peer-review

67 Scopus citations


Using the great one-time password concept, the widely utilized one-way authentication scheme S/Key provides well protection against replay attacks. In this paper, S/key is enhanced to secure transactions in a critical environment. The proposed scheme is free from any of server spoofing attacks, preplay attacks, and off-line dictionary attacks. A session key here is also established to provide confidentiality. Moreover, simplicity and efficiency are taken into consideration from the user's point of view. A smart card is applied to simplify the user login process and only the hash function is used to keep its efficiency. Therefore, the scheme proposed hereinafter is able to build a safer shield for sensitive transactions like on-line banking or on-line trading in bonds and securities.

Original languageEnglish
Pages (from-to)2515-2518
Number of pages4
JournalIEICE Transactions on Communications
Issue number11
StatePublished - 11 2002
Externally publishedYes


  • Authentication
  • Off-line dictionary attack
  • One-time password
  • Replay attack
  • Smart card


Dive into the research topics of 'A secure one-time password authentication scheme using smart cards'. Together they form a unique fingerprint.

Cite this