This paper proposes a multiple certification mechanism for secure electronic transactions. Existing OTP mechanisms cannot guarantee certification and non-repudiation because of asynchronization of certification request information, and they carry a replay attack risk because the password creation time period is uniform. The proposed mechanism aims to guarantee non-repudiation, confidentiality and integrity, and to prevent replay attacks, by having the transaction parties create and hold passwords asynchronously and request certification through OTP together with a certificate. In addition, for each verification request, the mechanism provides availability and high security by processing certificate verification and OTP verification separately. Consequently, the mechanism was able to guarantee safety in electronic transactions, and an experimental comparison and analysis against the existing OTP mechanism confirmed its advantages in replay attack resistance, non-repudiation, availability, certification strength and other respects.
Date of Conference: 27-29 May 2009