| Graphical password is a new identity authentication technology which using image to instead of traditional text-based password.Not only because the graphical password is easy to remember, user-friendly,but also because it is inconvenient to transmit,so it's more security than text-based password.As well as text-based password,graphical password is vulnerable to shoulder surfing, and could not defend replay attack and network wiretap,but it really find a viable way to remember the password.For the vulnerabilities of graphical password authentication,this paper proposed an authenticating scheme based on one-time-key.Main research contents of the thesis are:1.Introduce the existing graphical password identity authentication schemes,discuss some shortcomings of graphical password in the case of authentication through an open network.2.Design a one-time-key implement scheme based on one-time password technology implementation mechanism.3.Design an authenticating scheme based on one-time-key,which use image instead of text-based password to insure to easily remember the password,and with one-time-key to insure the security when transporting the graphical password.4.Propose a graphical password authentication using entering a series of numerical string instead of the mouse-clicks used as the mean of entering a password which could effectively defend shoulder-surfing.5.Point out the advantages of the scheme in terms of security and the disadvantages in terms of performance.This paper proposed an improved method of high feasibility,reliability to remedy the shortcomings in the existing graphical password which based on the one-time-key,which enhances the security of the password and avoid replay attack and shoulder-surfing attack.Similar techniques can be used to boost up the security of the application security systems for more flexible application. |
PDF Full Text Request