SecurePass: Guarding sensitive information from untrusted machines

We propose a proxy based solution to secure web access from un-trusted machines. Traditional proxy based solutions require constant out of band communication with the proxy. However, our system does not require constant communication with the user. Instead, the user carries a mobile device capable of performing cryptographic operations to generate onetime passwords. These passwords are then used to authenticate to the proxy. We have developed a prototype system and tested its performance in terms of security and response time.