| With the rapid development of computer and network technology,people's lives began to change in the earth-shaking. Network started to become part of people's lives and play an increasingly important role. And the development of E-commerce makes the network very important. But at the same time there were a lot of illegal activities in the network,so how to ensure security of network information is that every person and business,as well as each country must face.Authentication as the first threshold of information security, has played an irreplaceable role in protection of system security. If the authentication system has been overcome by an attacker,for the whole system,there will be no security to speak of. It can be seen that all other security services are built on the basic of Authentication. Therefore,the security of identity authentication is crucial.Traditional authentication scheme use static password to do the authentication job for its Easy-to-use. However,due to their own safety shortcomings,this authentication method does not provide adequate security. To solve its defect dynamic password authentication was proposed. Its basic idea is to join the authentication process uncertainties (such as time,random number) as a challenge. So that each password transmission is not same and the security will be improved.This article first analyze the current range of authentication techniques,then the classic authentication scheme,and at last a system based on elliptic curve cryptography dynamic password authentication scheme is proposed. And use random number as uncertainties,which enable the scheme to resisting replay attack. The server-side and client -side two-way authentication has achieved. And at the same time smart cards and fingerprint authentication was combined with to further enhance security. After the authentication,an crypto key can be negotiated in convenience. |
PDF Full Text Request