A Secure One-Time Password Authentication Scheme Using Image Texture Features

  • Maitreya Maity
  • Dhiraj Manohar DhaneEmail author
  • Tushar Mungle
  • Rupak Chakraborty
  • Vasant Deokamble
  • Chandan Chakraborty
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 625)


The internet is a big giant in the today’s world playing the backbone for information and communication technologies. Most of the network application needs a very reliable and one-way authentication process to ensure system resources are securely accessed by authorised users over the Internet. Password-based authentication is the most common mechanism and is easy to implement for authentication purpose. However, such general scheme will be vulnerable to attackers to steal the static credential combination with ease using eavesdropping, brute forcing, password replay, etc. One-time password (OTP) is the promising solutions to overcome from such attacks. It generates the different unique passwords each time for the user login into the system. This paper proposes a novel method of OTP authentication using image features. Here the system calculates different features from randomly selected areas of an image and applies symmetric key cryptography to generate the random OTP for the user. The proposed approach is convenient and computationally less expensive offering high-level security.


One-time password Texture feature Authentication Feature extraction Encryption 



The first author sincerely acknowledges Shamik Sural, professor of Department of Computer Science and Technology, Indian Institute of Technology Kharagpur, India.


  1. 1.
    Haller, N.: The S/KEY one-time password system. In: Internet Society Symposium on Network and Distributed System Security, pp. 151–158 (1995)Google Scholar
  2. 2.
    Lamport, L.: Password authentication with insecure communication. Commun. ACM 24(11), 770–772 (1981)MathSciNetCrossRefGoogle Scholar
  3. 3.
    Eldefrawy, M.H., Khan, M.K., Alghathbar, K.: One-time password system with infinite nested hash chains. In: Kim, T.-h., Fang, W.-c., Khan, M.K., Arnett, K.P., Kang, H.-j., Ślęzak, D. (eds.) SecTech/DRBC 2010. CCIS, vol. 122, pp. 161–170. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  4. 4.
    M’Raihi, D., Machani, S., Pei, M., Rydell, J.: TOTP: Time-based one-time password algorithm. Internet Request for Comments (2011)Google Scholar
  5. 5.
    Kim, M., Lee, B., Kim, S., Won, D.: Weaknesses and improvements of a one-time password authentication scheme. Int. J. Future Gener. Commun. Netw. 2(4), 29 (2009)Google Scholar
  6. 6.
    Shamir, A.: An efficient identification scheme based on permuted kernels. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 606–609. Springer, Heidelberg (1990)Google Scholar
  7. 7.
    Xu, J., Zhu, W.-T., Feng, D.-G.: An improved smart card based password authentication scheme with provable security. Comput. Stand. Interfaces 31(4), 723–728 (2009)CrossRefGoogle Scholar
  8. 8.
    Ratha, N.K., Connell, J.H., Bolle, R.M.: Enhancing security and privacy in biometrics-based authentication systems. IBM Syst. J. 40(3), 614–634 (2001)CrossRefGoogle Scholar
  9. 9.
  10. 10.
    Kumar, T., Raghavan, S.V.: PassPattern System (PPS): a pattern-based user authentication scheme. In: Das, A., Pung, H.K., Lee, F.B.S., Wong, L.W.C. (eds.) NETWORKING 2008. LNCS, vol. 4982, pp. 162–169. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Raghavan, S.V.: Methods and devices for pattern-based user authentication. Google Patents (2012)Google Scholar
  12. 12.
    Torres, R.J., Brown, D.S., Moghazy, J., Rudd, J.R.: Providing pattern based user password access. Google Patents (2011)Google Scholar
  13. 13.
    Hussain, A.: Enhanced authentication mechanism using multilevel security model. Int. Arab J. e-Technol. 1(2), 49–57 (2009)Google Scholar
  14. 14.
    Alsaiari, H., Papadaki, M., Dowland, P., Furnell, S.: Graphical one-time password (GOTPass): a usability evaluation. Inf. Secur. J. Glob. Perspect. 25, 1–15 (2016)CrossRefGoogle Scholar
  15. 15.
    Maity, M., Sarkar, P., Chakraborty, C.: Computer-assisted approach to anemic erythrocyte classification using blood pathological information. In: International Conference on Emerging Applications of Information Technology (EAIT), pp 116–121. IEEE (2012)Google Scholar
  16. 16.
    Maity, M., Maity, A.K., Dutta, P.K., Chakraborty, C.: A web-accessible framework for automated storage with compression and textural classification of malaria parasite images. Int. J. Comput. Appl. 52(15), 31–39 (2012)Google Scholar
  17. 17.
    Sebastian, V., Unnikrishnan, A., Balakrishnan, K.: Gray level co-occurrence matrices: Generalisation and some new features. arXiv preprint (2012). arXiv:12054831
  18. 18.
    Haralick, R.M., Shanmugam, K., Dinstein, I.H.: Textural features for image classification. IEEE Trans. Syst. Man Cybern. 6, 610–621 (1973)CrossRefGoogle Scholar
  19. 19.
    Ojala, T., Pietikäinen, M.: Unsupervised texture segmentation using feature distributions. Pattern Recogn. 32(3), 477–486 (1999)CrossRefGoogle Scholar
  20. 20.
    Atkinson, R., Haller, N.: On internet authentication (1994)Google Scholar
  21. 21.
    Chun-Li, L., Hung-Min, S., Hwang, T.: Attacks and solutions on strong-password authentication. IEICE Trans. Commun. 84(9), 2622–2627 (2001)Google Scholar
  22. 22.
    Tsuji, T., Shimizu, A.: An impersonation attack on one-time password authentication protocol OSPA. IEICE Trans. Commun. 86(7), 2182–2185 (2003)Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2016

Authors and Affiliations

  • Maitreya Maity
    • 1
  • Dhiraj Manohar Dhane
    • 1
    Email author
  • Tushar Mungle
    • 1
  • Rupak Chakraborty
    • 2
  • Vasant Deokamble
    • 3
  • Chandan Chakraborty
    • 1
  1. 1.School of Medical Science and TechnologyIndian Institute of TechnologyKharagpurIndia
  2. 2.Department of Information TechnologyDIT UniversityDehradunIndia
  3. 3.Department of E & TCMarathwada Mitra Mandal’s College of EngineeringPuneIndia

Personalised recommendations