Design And Implementation Of Multi-Factors Authentication System

The main content of this paper is the design and implementation of a three tiers Multi-Factors Authentication System based on the pseudo random sequences generated through chaotic mapping fuctions. The new idea in such a design is the utilization by two groups of parameters in controlling the tansforming of the "account" and "password". Therefore changing the traditional autentication of static "account" and "password" into the autentication of "dynamic account" and "dynamic password". This "dynamic Pass-Pair" authentication contains not only the factors of static "account" and "password" , but also the configutable and cotrollable "Time-factor", some synchronous information is also embedded, so that the sychoronous authentication is applicable.In the beginning, the paper gives a brief review of some standard authentication protocols and its potential security limitaions, analyzes some current solutions from IT industry either inside the country or world wide, later on, the paper introduces some developing background knowledge about technologies and theories of Cryptograpy and Information Security, it explains the applicaton ways of the pseudo random sequence generation algorithm and stream cipher. The pseudo random number generation algorithm and stream ciphers are playing very vital role in the design and implementation of such an authentication system. The characteristics of chaotic systems are very good for designing stream cipher, so after some simple analysis, two algorithms are choosed for use. A proposal of the Multi-Factors Authentication System with three tiers architecture is provided and detailed explanation of the concrete design and implementation of such a system follows, its detailed features, function flow charts and key data elements interaction are demonstrated as well. Some important user interfaces and testing process are showed later. The authentication system's three layers include: front-end tansforming client + middle-end Agent + back-end authentication server. At last, some concrete development considerations are illustrated through the demonstration with some application program code of the key technical points. In the conclusion, summary is made for the authentication system's fuction design, some suggestions for the future upgrading and possible application models are also discussed.