| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Security Analysis of Mobile Phones Used as OTP Generators
Abstract : The Norwegian company Encap has developed protocols
enabling individuals to use their mobile phones as one-time password
(OTP) generators. An initial analysis of the protocols reveals minor
security flaws. System-level testing of an online bank utilizing Encap's
solution then shows that several attacks allow a malicious individual to
turn his own mobile phone into an OTP generator for another individual's
bank account. Some of the suggested countermeasures to thwart the
attacks are already incorporated in an updated version of the online
banking system.
Cited literature [4 references]
https://hal.inria.fr/hal-01056074
Contributor : Hal Ifip <>
Submitted on : Thursday, August 14, 2014 - 6:02:58 PM
Last modification on : Friday, November 20, 2020 - 4:22:03 PM
Long-term archiving on: : Thursday, November 27, 2014 - 1:35:16 AM
Contributor : Hal Ifip <>
Submitted on : Thursday, August 14, 2014 - 6:02:58 PM
Last modification on : Friday, November 20, 2020 - 4:22:03 PM
Long-term archiving on: : Thursday, November 27, 2014 - 1:35:16 AM
File
60330327.pdf
Files produced by the author(s)
Licence
Distributed under a Creative Commons Attribution 4.0 International License