Physical Authentication using Random Number Generated (RNG) Keypad based on One Time Pad (OTP) Concept

摘要

A physical security is best described as securing the perimeter of an area. Most organisation tends to focus on securing their data over the wires and overlooked threats coming from inside their premises. Servers are protected with maximum security configurations and firewall, however the server room are accessible by unauthorized personnel, access card often left behind, broken or missing main door entrance although secured with access card system; vendors, consultants and visitors were not accompanied by staff during visitation; piggy-backing, tailgating, shoulder surfing and keylogging cases are common scenario that can be seen inside an organization. To minimize or/and to overcome the mentioned problems, an enhanced type of physical security method is proposed which is authentication using Random Number Generated (RNG) Keypad based on One Time Pad Concept. It is a computational physical device designed to generate a sequence of numbers or symbols that will appear randomly using Pseudo-random numbers algorithm each time One Time Password (OTP) is keyed in. It is typically generated by a token possessed by the user and it is the input to the authentication system. The input OTP is compared to an OTP generated by the system. If it matches, the user is allowed to access the system. It is hoped that by having this prototype system, common physical security countermeasure weaknesses can be minimized while assuring confidentiality, integrity and availability of the data stays protected with minimum cost and minimal configurations.