| The computer network will realize the resource sharing effectively, but the resource-sharing and information security is a pair of contradictions. As the resource sharing further, the information security is more outstanding day by day.How to guarantee the legal user's legal access to resources and protect hackers' attacks has been the mostly content of network security. The network security mechanism has several essential factors: authentication, authorization, integrality, non-repudiation and confidentiality. Authentication is very important and basic security service. And other security services all depend on it.According to the security problem, this paper makes an overall study on user authentication based on the Kerberos protocol, using the technique of public key authentication and the theory of elliptic curve cryptosystem. The primary research contents are summarized as follows:1 . Several user authentications are reviewed, and the authentication process and distribution method of secret key of Kerberos are analyzed in detail. The paper also analyses its advantage on authentication security and point out all sorts of potential security problem.2 The public key encryption-based algorithm is studied. Also the relevant problem of elliptic curve cryptosystem is discussed especially, such as elliptic curve disperse logarithm problem, elliptic curve selection, principle of encryption system etc.3 Improve Kerberos protocol based on public key encryption technique and use random number method to replace time stamp technology preventing replay attack. It abandons the weak points of original protocol. A higher security of identity authentication protocol is designed and the security and adaptability of the whole protocol get further improvement. And use BNA logic theories to prove the completeness and validity of the improved protocol.4 On the base of former research , a new model of user authentication system is designed based on the improved Kerberos protocol and public key encryption system. And the practical application of the model is given also.
|
PDF Full Text Request