Journal ArticleOPEN ACCESS

Experimental Study of Digipass Go3 and the Security of Authentication

  • Semaev I
INFORMATION TECHNOLOGY IN INDUSTRY (2021) 7(3)
DOI: 10.17762/itii.v7i3.70
N/ACitations
Citations of this article
20Readers
Mendeley users who have this article in their library.

Abstract

Based on the analysis of 6-digit one-time passwords (OTP) generated by DIGIPASS GO3 we were able to reconstruct the synchronization system of the token, the OTP generating algorithm and the verification protocol in details necessary for an attack. The OTPs are more predictable than expected. A forgery attack is described. We argue the attack success probability is much higher than it may be expected if all the digits are independently and uniformly distributed. The implications for the security of authentication are discussed and open questions are formulated.

Cite

CITATION STYLE

APA

Semaev, I. (2021). Experimental Study of Digipass Go3 and the Security of Authentication. INFORMATION TECHNOLOGY IN INDUSTRY, 7(3). https://doi.org/10.17762/itii.v7i3.70

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free