Securing OTP Transaction Using Mutual Authentication and Encryption
Secure authentication schemes between an authentication server and users are required to avoid many risks on the Internet. A new one time password scheme is described which is secure against eavesdropping, server database compromise and generate Static key for encryption at the same time. That scheme is at least as secure as regular passwords and other one time password systems. It provides the additional benefit of providing a static key to the server, with no drawbacks. It is also very easy to implement. An OTP system that provides encryption and authentication is more secure than an OTP system that only provides authentication.