Ubiquitous One-Time Password Service Using the Generic Authentication Architecture
The Generic Authentication Architecture (GAA) is a standardised extension to the mobile authentication infrastructure that enables the provision of security services, such as key establishment, to network applications. In this paper the authors first show how Trusted Computing can be extended in a GAA-like framework to offer new security services. They then propose a general scheme that converts a simple static password authentication mechanism into a One-Time Password (OTP) system using the GAA key establishment service. The scheme employs a GAA-enabled user device and a GAA-aware server.