One Time Password based Mutual Text Authentication


  • Salah H Abbdal Refish Computer Techniques Engineering Department, Faculty of Information Technology, Imam Ja’afar Al-sadiq University, Baghdad, Iraq



Password authentication code, mutual text authentication, IOT, Man-In-The-Middle, Resistance against offline-Attacks


Many applications in the internet using Password for identify users.  So, this password must be strong and safe to avoid unauthorized users. The critical issue in many applications such as web-sites and data base systems is password authentication code (PAC). In this paper, PAC between two parties to confirm password authentication between them based mutual text authentication has presented. Two factors is the best solution in this field. But to be more secure and to be more efficient a legitimate user needs to make sure about his partner to ensure their communications should use another method without need more costs and avoid plurality of algorithms.  So, this solution uses mutual text authentication as new solution which the text is predetermined by users. This method is considered new in this field, as this method tries to make the password highly secure in front of unauthorized users and to make the process of accessing information specific only to the actual authorized users. When analysing this method, we find that it has many characteristics such as the confidentiality of the session key and privacy, in addition to the exchange of authentication between the two parties to ensure that others do not interfere.


Refish, S. (2018, October). PAC-RMPN: Password authentication code based RMPN. 2018 International Conference on Advanced Science and Engineering (ICOASE) (pp. 286-289). IEEE.

Doğanay, C., & Küpçü, A. (2020, December). Comparative survey on single password authentication techniques. 2020 International Conference on Information Security and Cryptology (ISCTURKEY) (pp. 5-10). IEEE.

Wang, Q., Wang, D., Cheng, C., & He, D. (2021). Quantum2fa: efficient quantum-resistant two-factor authentication scheme for mobile devices. IEEE Transactions on Dependable and Secure Computing.

Karuppiah, M., Das, A. K., Li, X., Kumari, S., Wu, F., Chaudhry, S. A., & Niranchana, R. (2019). Secure remote user mutual authentication scheme with key agreement for cloud environment. Mobile Networks and Applications, 24, 1046-1062.

Aljewaw, O. B., Karim, M. K. A., Kamari, H. M., Zaid, M. H. M., Salim, A. A., & Mhareb, M. H. A. (2022). Physical and spectroscopic characteristics of lithium-aluminium-borate glass: Effects of varying Nd2O3 doping contents. Journal of Non-Crystalline Solids, 575, 121214.

Ma, S., Feng, R., Li, J., Liu, Y., Nepal, S., Bertino, E., ... & Jha, S. (2019, December). An empirical study of sms one-time password authentication in android apps. Proceedings of the 35th Annual Computer Security Applications Conference (pp. 339-354).

Renuka, K. M., Kumari, S., Zhao, D., & Li, L. (2019). Design of a secure password-based authentication scheme for M2M networks in IoT enabled cyber-physical systems. IEEE Access, 7, 51014-51027.

Salim, A. A., Ghoshal, S. K., Danmallam, I. M., Sazali, E. S., Krishnan, G., Aziz, M. S., & Bakhtiar, H. (2021, April). Distinct optical response of colloidal gold-cinnamon nanocomposites: Role of pH sensitization. Journal of Physics: Conference Series, 1892(1), 012039. IOP Publishing

Osei, E. O., Hayfron-Acquah, J. B., & Kumasi, K. N. U. S. T. (2014). Cloud computing login authentication redesign. International Journal of Electronics and Information Engineering, 1(1), 1-8.

Salim, A. A., Bidin, N., Bakhtiar, H., Ghoshal, S. K., Al Azawi, M., & Krishnan, G. (2018, May). Optical and structure characterization of cinnamon nanoparticles synthesized by pulse laser ablation in liquid (PLAL). Journal of Physics: Conference Series, 1027(1), 012002. IOP Publishing.

Anwar, N., Riadi, I., & Luthfi, A. (2016). Forensic SIM card cloning using authentication algorithm. International Journal of Electronics and Information Engineering, 4(2), 71-81.

Hwang, M. S., & Li, L. H. (2000). A new remote user authentication scheme using smart cards. IEEE Transactions on consumer Electronics, 46(1), 28-30.

Ramasamy, R., & Muniyandi, A. P. (2012). An Efficient Password Authentication Scheme for Smart Card. Int. J. Netw. Secur., 14(3), 180-186.

Salim, A. A., Ghoshal, S. K., Shamsudin, M. S., Rosli, M. I., Aziz, M. S., Harun, S. W., ... & Bakhtiar, H. (2021). Absorption, fluorescence and sensing quality of Rose Bengal dye-encapsulated cinnamon nanoparticles. Sensors and Actuators A: Physical, 332, 113055.

Chen, T. Y., Lee, C. C., Hwang, M. S., & Jan, J. K. (2013). Towards secure and efficient user authentication scheme using smart card for multi-server environments. The Journal of Supercomputing, 66, 1008-1032.

Guo, C., Chang, C. C., & Chang, S. C. (2018). A secure and efficient mutual authentication and key agreement protocol with smart cards for wireless communications. Int. J. Netw. Secur., 20(2), 323-331.

Lin, I. C., Hwang, M. S., & Li, L. H. (2003). A new remote user authentication scheme for multi-server architecture. Future Generation Computer Systems, 19(1), 13-22.

Waheed, S. R., Rahim, M. S. M., Suaib, N. M., & Salim, A. A. (2023). CNN deep learning-based image to vector depiction. Multimedia Tools and Applications, 1-20.

Salim, A. A., Bidin, N., & Islam, S. (2017). Low power CO2 laser modified iron/nickel alloyed pure aluminum surface: Evaluation of structural and mechanical properties. Surface and Coatings Technology, 315, 24-31.

Liu, Y., Chang, C. C., & Sun, C. Y. (2016). Notes on" An Anonymous Multi-server Authenticated Key Agreement Scheme Based on Trust Computing Using Smart Card and Biometrics". Int. J. Netw. Secur., 18(5), 997-1000.

Lu, R., Li, X., Liang, X., Shen, X., & Lin, X. (2011). GRS: The green, reliability, and security of emerging machine to machine communications. IEEE Communications Magazine, 49(4), 28-35.

Agarwal, S., Peylo, C., Borgaonkar, R., & Seifert, J. P. (2010, October). Operator-based over-the-air M2M wireless sensor network security. 2010 14th International Conference on Intelligence in Next Generation Networks (pp. 1-5). IEEE.

Abbas, S. I., Hathot, S. F., Abbas, A. S., & Salim, A. A. (2021). Influence of Cu doping on structure, morphology and optical characteristics of SnO2 thin films prepared by chemical bath deposition technique. Optical Materials, 117, 111212.

Gunson, N., Marshall, D., Morton, H., & Jack, M. (2011). User perceptions of security and usability of single-factor and two-factor authentication in automated telephone banking. Computers & Security, 30(4), 208-220.

Lin, H., Wen, F., & Du, C. (2015). An improved anonymous multi-server authenticated key agreement scheme using smart cards and biometrics. Wireless Personal Communications, 84, 2351-2362.

Barman, S., Das, A. K., Samanta, D., Chattopadhyay, S., Rodrigues, J. J., & Park, Y. (2018). Provably secure multi-server authentication protocol using fuzzy commitment. IEEE Access, 6, 38578-38594.

A. A., Salim, Bakhtiar, H., Shamsudin, M. S., Aziz, M. S., Johari, A. R., & Ghoshal, S. K. (2022). Performance evaluation of rose bengal dye-decorated plasmonic gold nanoparticles-coated fiber-optic humidity sensor: A mechanism for improved sensing. Sensors and Actuators: A. Physical, 347, 113943.

Wang, C., Wang, D., Xu, G., & Guo, Y. (2017). A lightweight password‐based authentication protocol using smart card. International Journal of Communication Systems, 30(16), e3336.

Waheed, S. R., Suaib, N. M., Rahim, M. S. M., Adnan, M. M., & Salim, A. A. (2021, April). Deep Learning Algorithms-based Object Detection and Localization Revisited. Journal of Physics: Conference Series. 1892(1), 012001. IOP Publishing.