{"created":"2025-01-19T01:39:49.352734+00:00","metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00237280","sets":["1164:3925:11477:11663"]},"path":["11663"],"owner":"44499","recid":"237280","title":["TOTP認証におけるシードの自動失効化について"],"pubdate":{"attribute_name":"公開日","attribute_value":"2024-07-15"},"_buckets":{"deposit":"a27e4452-e29c-4fb2-8634-04a3b22d7c51"},"_deposit":{"id":"237280","pid":{"type":"depid","value":"237280","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"TOTP認証におけるシードの自動失効化について","author_link":["649378","649377","649379","649380"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"TOTP認証におけるシードの自動失効化について"},{"subitem_title":"Make Seeds Expire in TOTP Authentication","subitem_title_language":"en"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"IPSJ-CSEC","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2024-07-15","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"名古屋大学"},{"subitem_text_value":"名古屋大学"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Nagoya University","subitem_text_language":"en"},{"subitem_text_value":"Nagoya University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/237280/files/IPSJ-CSEC24106074.pdf","label":"IPSJ-CSEC24106074.pdf"},"date":[{"dateType":"Available","dateValue":"2026-07-15"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-CSEC24106074.pdf","filesize":[{"value":"292.8 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"30"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"47d11418-0082-4435-be14-aa818e420221","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2024 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"野田, 馨志郎"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"楫, 勇一"}],"nameIdentifiers":[{}]}]},"item_4_creator_6":{"attribute_name":"著者名(英)","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"Keishiro, Noda","creatorNameLang":"en"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"Yuichi, Kaji","creatorNameLang":"en"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA11235941","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8655","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ユーザ認証の安全性を強化するため，Time-based One-Time Password (TOTP) 認証方式が広く利用されている．TOTP 認証の安全性は，ワンタイムパスワードを生成するための TOTP シードが厳重に管理されることが前提となっているが，実際の利用環境を想定すると，TOTP シードが第三者に窃取されるリスクは決してゼロではない．本研究では，TOTP シードを自動的に失効させる仕組みを導入することで，不正に窃取されたシードが時間経過とともに無効化され，悪用される機会を抑制する仕組みを開発する．シード自動失効の仕組みは，ユーザに発行する情報へのノイズ付加と，ロジスティック写像によるノイズ拡大効果を利用することで実現される．本稿では，シード自動失効機能を備えた拡張 TOTP 認証方式を提案し，有限精度計算の特性についても十分考慮したうえで，実用的なパラメータを選択するための数値実験結果について述べる．","subitem_description_type":"Other"}]},"item_4_description_8":{"attribute_name":"論文抄録(英)","attribute_value_mlt":[{"subitem_description":"Time-based One-Time Password (TOTP) is commonly used in many digital services to meet the increasing demands of security in user authentication. The security of TOTP owes much to the management of TOTP seeds from which one-time passwords are computed, but there is a certain risk of the leakage of TOTP seeds in practice. This study aims to bring a mechanism that virtually realizes the expiration of TOTP seeds. Even if a seed is left unattended or exposed to somebody at a certain point in time, the seed expires as time passes. The mechanism is developed by using the logistic map, together with careful control of numeric values that is necessary to avoid issues caused by finiteprecision calculations. The paper sketches the proposed scheme and introduces the results of numerical investigations for discussing choices of good parameters.","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告コンピュータセキュリティ（CSEC）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2024-07-15","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"74","bibliographicVolumeNumber":"2024-CSEC-106"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":237280,"updated":"2025-01-19T08:56:04.820616+00:00","links":{}}