Dynamic Password Schemes

As just observed, two of the main problems with passwords are vulnerability (they are quite easy to steal) and repeatability (once stolen, they can be reused). A dynamic password scheme, also often referred to as a one-time password scheme, preserves the concept of a password but greatly improve its security by:

1. Limiting the exposure of the password, which reduces vulnerability.

2. Using the password to generate dynamic data changes on each authentication attempt, which prevents repeatability.

Dynamic password schemes are important entity authentication mechanisms and are widely deployed in token-based technologies to access internet banking or telephone banking services.

Idea behind dynamic password schemes

A dynamic password scheme uses a ‘password function’ rather than a password at its heart. If a claimant, which we’ll assume is a human user, wants to authenticate to a device, such as an authentication server, then the user inputs some data into the function to compute a value sent to the device. There are three components we need to specify:

• The password function: This function is a symmetric cryptographic algorithm of some sort, which takes as input a key shared between the server and the user (normally embedded on a token the user possesses). This could be an encryption algorithm or, more commonly, some key derivation function.

• The token: The password function is usually implemented on a hardware token. In an example we’ll discuss shortly, we will assume this token resembles a small calculator and has an input interface, but these tokens vary across different schemes. In some schemes, this token is represented by an application running on the user’s mobile phone.

• The input: We want the user and the device to agree on an input to the password function, the result of which will be used to authenticate the user. Since the input must be fresh, any freshness mechanisms could be used. All of these techniques are deployed in different commercial devices, namely:

  • Clock-based: The user and the device have synchronized clocks, so the current time can be used to generate an input that both the user and the device will ‘understand.’

  • Sequence numbers: The user and the device maintain synchronized sequence numbers.

  • Nonce-based: The device randomly generates a number known as a challenge and sends it to the user, who computes a cryptographic response. Such mechanisms are often referred to as challenge-response mechanisms.

Example dynamic password scheme

We now give an example of a dynamic password scheme.

Dynamic password scheme description

Before any authentication attempts are made, the user is given a token on which the password function has already been implemented in the form of a symmetric cryptographic algorithm $A$ with symmetric key $K$. While algorithm A could be standard across the entire system, the key $K$ is shared only by the server and the token held by the user. Note that a different user with a different token will share a different key with the server. So, the correct use of key $K$ will be associated with a specific user as far as the server is concerned.

Another feature of this example scheme is that the user can identify themselves with the token. Otherwise, anyone who steals the token could pass themselves as the user. In our example, this process will be implemented using a PIN. The token will only activate if the user enters the correct PIN.

The illustration below shows an authentication attempt using this dynamic password scheme: