| With the development of information technology, many network-based applications can be found in current business works. Identity authentication has become the focus of concern gradually for the susceptibility of these applications. And it is a most important security service as well as the basis for access control.Traditionally, static password-based authentication schemes are very popular for identity authentication in remote access, which has many security vulnerabilities. Dynamic password authentication is one of the advanced solutions to enhance the security. The key idea is to keep the verification changing constantly.Based on the research project, in this thesis the key technical points, designing and analyzing of the authentication scheme, programming and testing of the prototype system are presented. After surveying the actuality and development of the identity authentication, the concept, mechanism of identity authentication and the related cryptography theory are discussed. After analyzing the Hwang and Li's scheme, ElGamal public-key mechanism based scheme is proposed to enchance its security. With the combination of challenge-response mechanism and smart card as well as the fingerprint verification technologies, mutual authentication is achieved in our scheme. Meanwhile, the security analysis and efficiency character of our scheme are given in detail. Finally, how to design and develop a prototype of an identity authentication system with this scheme is described carefully. And the research work in the future is also suggested.Our new scheme has higher security to withstand masquerade attack and replay attack. And it is fair for the mutual parties because the dynamic factor is generated by both of them. Moreover, user's fingerprint need not be transmitted during communication, which protects user's privacy. The research work mainly focuses on the following concepts: authentication mechanism, encryption/decry-ption algorithm, hash function, etc. |
PDF Full Text Request