One Time password based lock system

Abstract

The One Time Password Lock System project is an implementation to ensure safe authentication by verifying end-users’ identities. This document gives the design and implementation of a system that authenticates the user on the basis of two factors i.e. a static PIN (something that you know) and token generating time-based one-time passwords (something that you possess). A time-based one-time password is valid for only one login session and changes after some time interval that is fixed. The user will carry the portable token which is a hardware device based on Arduino platform and implements RFC-6238 standard defined by OATH to generate time-based one-time passwords (TOTP) valid or 60 seconds. When the user comes near the door lock, these passwords will be communicated with the server using wireless Bluetooth communication protocol. In this way, at the authentication end on the door, server will be synchronized with the token. The user will first enter the static PIN and then use the password displayed on the token to authenticate to the system. This combination of information on Token and PIN will form the basis of two-factor authentication to ensure safe authentication.