SMS authentication code generated by Advance Encryption Standard (AES) 256 bits modification algorithm and One time Password (OTP) to activate new applicant account

摘要

Nowadays, it is highly necessary to give precautions aimed to prevent Netizen from creating fake accounts to do criminal offence. One of the means is to use authentication code where it contains activation message. This authentication code is generated through activation message combined with timestamp values which would further be used on One-time Password. Then, it would be encrypted using Advanced Encryption Standard cryptographic algorithm, the generated authentication code can only be used once within a limited time. Unfortunately though, in 2011 three researchers from several universities and Microsoft, Andrey Bogdanov from K.U. Leuven, Dimitri Khovratovich from Microsoft and Christian Reachberger from ENS Paris found a crack on AES encryption, thus requiring modification to enhance AES complexity in order to close the said crack. AES modification can be done on S-Box and ShiftRow, thus enabling their dynamics following the keys given. 256 bits AES is chosen because it contains more key combination and longer time to decrypt compared to other type of AES. After its modification is done, the next step would be tested with Avalanche Effect and Randomness Test, where good cryptographic algorithm would have Avalanche Effect values around 50% and able to pass 5 basic random tests in Randomness Test.