NORMA eResearch @NCI Library

Protecting speech-based One – Time passwords from man in the middle attacks

Raut, Pratik Prakash (2022) Protecting speech-based One – Time passwords from man in the middle attacks. Masters thesis, Dublin, National College of Ireland.

[thumbnail of Master of Science]
PDF (Master of Science)
Download (1MB) | Preview
[thumbnail of Configuration manual]
PDF (Configuration manual)
Download (931kB) | Preview


Today, as the world is witnessing the evolution of cyber security in all aspects of our digital world, more sophisticated authentication mechanisms are coupled with the conventional password-based systems. These include one-time passwords, passphrases, token-based cards and other biometric schemes that are used to enhance or add an additional layer of security. But these authentication mechanisms are still subject to attacks such as keylogging, brute-forcing, shoulder surfing, and the man in the middle technique. One of the most popular and widely used two-factor authentication system is the One-time password (OTP) authentication mechanism. To prevent keylogging and shoulder surfing attacks, it is proposed that the traditional One-Time password (OTP), which is normally entered using a keyboard on the user machine, be spoken out by the user on its microphone to prevent key logging attacks. Furthermore, speech recognition module can be applied to convert the decrypted user voice sample into the One – Time Password (OTP) text, thereby reducing the possibility of shoulder surfing or keylogging. The speech sample will also be encrypted and transmitted to the server side to prevent any man-in-the-middle attacks from taking place. The main focus would be on the encryption of the voice samples and recognition of the digits spoken out by the user using an accurate speech recognition technique to prevent any delay in the authentication process and avoid the loss of data. The paper proposes to introduce a scheme of encryption with speech recognition over the One-Time Password (OTP) based systems, which improves the security of the application without compromising on the user experience. Although many encryption and speech recognition approaches are accepted as industry standard, the proposed system comprises of the python speech recognition library and the implementation of monoalphabetic cipher algorithm, which is in line with the requirements of the proposed authentication solution.

Item Type: Thesis (Masters)
Uncontrolled Keywords: OTP; Multi Factor Authentication; Speech Recognition; Key logging; Shoulder surfing; Encryption; Monoalphabetic cipher; Man in the middle attack
Subjects: Q Science > QA Mathematics > Electronic computers. Computer science
T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science
Q Science > QA Mathematics > Computer software > Computer Security
T Technology > T Technology (General) > Information Technology > Computer software > Computer Security
Divisions: School of Computing > Master of Science in Cyber Security
Depositing User: Tamara Malone
Date Deposited: 29 Dec 2022 14:51
Last Modified: 29 Dec 2022 14:51

Actions (login required)

View Item View Item