Last week emphasized that cybersecurity becomes crucial in almost every aspect of our life. One-time password algorithms are widely used in digital services to improve security. However, many such solutions use a constant secret key to encrypt (process) one-time plaintexts. A countermeasure for the analyzed algorithm has been proposed by DCD-SEMI’s engineer responsible inter alia for CryptOne cryptographic system and DAES IP Core.

Bytom, Poland March the 3^rd, 2022. Cryptography is the basis of modern secure communication. But the paradigm shift from constant to one-time keys could introduce tangible benefits to the application security field. DCD-SEMI’s engineer, Mr. Szymon Sarna has analyzed a one-time password concept for the Rivest–Shamir–Adleman algorithm, in which each key element is hidden, and the value of the modulus is changed after each encryption attempt. The difference between successive moduli is exchanged between communication sides via an unsecure channel. Analysis showed that such an approach is not secure. Moreover, determining the one-time password element (Rivest–Shamir–Adleman modulus) can be straightforward. Is there a countermeasure for that? Of course! It’s been presented here: https://www.mdpi.com/2079-9292/11/1/95