SYSTEM AND METHOD FOR AUTHENTICATING ONE-TIME PASSWORD BASED ON VISUAL CRYPTOGRAPHY

摘要

The present invention relates to a system and a method for authenticating a one-time password based on visual cryptography. A system for authenticating a one-time password based on visual cryptography includes an RP server, an RP client, an FIDO server, and a visual OTP FIDO authentication device. The RP server randomly generates a shared secret key, generates a shared image thereof, and transmits random image information and secret image information about the shared image to the FIDO server and the RP client, respectively. The RP client displays the received shared image information, receives the identified shared secret key, and transmits it to the RP server. The FIDO server generates an FIDO UAF authentication request message by including the secret image information received from the RP server in a transaction field of a UAF authentication protocol, verifies the FIDO UAF authentication response message, and transmits a shared secret key included in a response message to the RP server. When the FIDO UAF authentication request message is received, the visual OTP FIDO authentication device performs a user authentication operation, displays the secret image information on a secure display of the visual OTP FIDO authentication device. In addition, the visual OTP FIDO authentication device allows the random image output on the RP client screen to overlap the secret image displayed on the secure display of the visual OTP FIDO authentication device in cooperation with a camera of a user apparatus. In addition, the visual OTP FIDO authentication device allows the user to visually identify the shared secret key generated by the RP server and to input the identified shared secret key, and generates an FIDO UAF authentication response message including the identified shared secret key.;COPYRIGHT KIPO 2018