Cognitive OTP - Novel Technique to Establish Identity of a Person (Human) in Cyber Space

Anil Rawat
SpeakerAnil Rawat
TrackLightning Talks -- Main Conference Auditorium
DescriptionConventionally photograph, fingerprint, IRIS, DNA or hand geometry is used for establishing identity of a person in physical world, but they all need additional infrastructure for capturing and comparison of bio-metric parameter. Id and password based technique is the most popular method for user identification, but these password based schemes are not truly capable of ascertaining persons identity, since passwords are breakable and are also vulnerable to theft. One Time Password(OTP), Session Password, Transaction Password, Time Window Based Passwords etc. are some more techniques designed to enhance security of the systems and applications. All these techniques are inadequate to establish person’s identity in cyber space.

The proposed technique is based on assimilation of CAPTCHA, OTP and a human provided and controlled function. The user is provided with OTP through a CAPTCHA and the user applies a function on the OTP, manipulating its digits/ characters and returns the ‘Cognitive OTP’ to the Authentication Server. CAPTCHA is a standard technique to ensure that a human is interpreting the contained information, OTP ensures randomization and application of a function by the user (person being identified) using his brain (neurons!) adds a bio-metric equivalent dimension, thus producing ‘Cognitive OTP’. The Authentication Server(AS) needs to know the human applied function before hand for the purpose of verification.   

The user will have the liberty to chose type of OTP (digits and / or characters) from AS and also for the function for manipulation of OTP to produce ‘Cognitive OTP’. Using number based input for the user controlled function may enhance possible options for manipulations, since mathematical jargons are possible with numbers. There are certain extensions to this novel technique to complete the logical flow for authenticated verification of a person in cyber space, which I shall be covering in the proposed talk.

Presentation documents

All talks