
e-Authentication Methods

Symmetric-key Authentication

In traditional symmetric-key authentication, the user shares a unique, secret key (usually embedded in a hard token) with an authentication server. The user is authenticated by sending to the authentication server his/her username together with a randomly generated message (the challenge) encrypted with the secret key. If the server can match the received encrypted message (the response) using its copy of the shared secret key, the user is authenticated.

A slight variation of the symmetric-key implementation is the use of OTP (one-time password) tokens. Such tokens use a clock or a counter, sometimes both, to generate the OTP with a symmetric key contained in the device. Others use a challenge-response system in which the token combines a random challenge from the authentication server with the shared secret key to generate the response, which is essentially the OTP. Since an OTP is used only once, it can protect the user against password guessing, eavesdropping and replay attacks.

When implemented together with password authentication, this method also provides a possible solution for two-factor authentication systems.
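The counter-based and challenge-response OTP variants described above, as an added example that is not part of the original page. The page names no algorithm, so HMAC-SHA1 with RFC 4226 (HOTP) truncation is assumed here, and `AuthServer`, `otp` and `counter_otp` are hypothetical names.

```python
import hashlib
import hmac
import secrets
import struct


def otp(key: bytes, message: bytes, digits: int = 6) -> str:
    """HMAC-SHA1 with RFC 4226 dynamic truncation to a decimal code (assumed scheme)."""
    mac = hmac.new(key, message, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def counter_otp(key: bytes, counter: int) -> str:
    """Counter-based token: the message is the 8-byte big-endian counter."""
    return otp(key, struct.pack(">Q", counter))


class AuthServer:
    """Holds one user's shared key plus the state that makes each OTP single-use."""

    def __init__(self, key: bytes, window: int = 3):
        self.key = key
        self.counter = 0      # next counter value the server will accept
        self.window = window  # look-ahead for codes generated but never submitted
        self.pending = None   # outstanding challenge, if any

    def verify_counter_otp(self, code: str) -> bool:
        for c in range(self.counter, self.counter + self.window + 1):
            if hmac.compare_digest(counter_otp(self.key, c), code):
                self.counter = c + 1  # burn this code and every earlier one
                return True
        return False

    def new_challenge(self) -> bytes:
        self.pending = secrets.token_bytes(16)
        return self.pending

    def verify_response(self, response: str) -> bool:
        challenge, self.pending = self.pending, None  # one attempt per challenge
        if challenge is None:
            return False
        return hmac.compare_digest(otp(self.key, challenge), response)
```

Advancing the counter past an accepted code, and discarding a challenge after one attempt, is what makes a captured OTP useless when replayed.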

Image: Symmetric-key Authentication and One-Time Passwords

2007