Human-Computable OTP Generator as an Alternative of the Two-Factor Authentication

Abstract

This work presents an improved alternative of the Two-Factor Authentication (2FA) standard. It eliminates the limitations concerning the necessity for additional gadgets, devices or theft-sensitive biometric data, by substituting it with direct human-computer authentication optionally enhanced by cognitive biometrics. This approach remains secure also in untrusted systems. On the other hand, it only permits one secret to be used as a universal private key for all attainable online accounts. This is an innovative challenge-response protocol for human-generated One-Time Passwords (OTP) based on a hard lattice problem with noise introduced by our new method which we call Learning with Options (LWO). The secret of this protocol possesses topographical properties of a single self-designed picture and a brief set of rules defining how these passwords are calculated. It is a heavy digital equivalent of a handwritten autograph. This paper demonstrates a simple and fast method to generate the OTP and hash-based digital signature, offline on paper documents usable as well, with an acceptable level of security and usability meeting the requirements for post-quantum symmetric ciphers and commercial implementation also in the field of IoT.