Publication Date: 2022/07/05
Abstract: In the interest of digital security, 2-Factor Authentication (2FA), has been widely used throughout different sites and applications to secure and authenticate a user’s identity, Time-Based One-Time Password (TOTP) algorithm is one of the most utilized algorithms when it comes to 2FA due to its reliability when it comes to securing user access through generating a code that has a limited validity, usually for 30 seconds or less. TOTP generates a code with the use of current time and a secret key. Despite the security TOTP provides, the delivery of the code through SMS is still vulnerable to interception by a third party since the connection between the client and the server can be insecure. This paper proposes an enhancement to the TOTP algorithm by applying AES encryption to the generated code before delivering it to the client. This paper shows that the implementation of AES to the TOTP algorithm has helped generate a stronger OTP and has made it harder for hackers to crack.
Keywords: AES; OTP; secret key; Time-Based One-Time Password Algorithm; 2-Factor Authentication
DOI: https://doi.org/10.5281/zenodo.6796093
PDF: https://ijirst.demo4.arinfotech.co/assets/upload/files/IJISRT22JUN522.pdf
REFERENCES