The Research And Design Of A Dynamic Password Authentication System Based CHAP

With the computer network of rapid development, computer network security issues have become increasingly important. Identity authentication is an important component of a network security technology to restrict on illegal user access to network resources. More commonly used identity authentication technology is based on static password authentication technology. The technology is simple, user-friendly, and in a certain level of security can be effective user identity authentication. However, with the deepening of network applications and network attacks mean of diversification, static password authentication technology as its own security flaws is no longer adapted to the higher security network applications.Against static password authentication of safety defects, the industry models a one-time password authentication technology (One-Time Password Authentication), also known as dynamic password authentication techniques. By adding uncertain factors to entering course, dynamic password authentication technology makes authentication information dynamicly at ervery time, so as to improve the secutity. Dynamic password authentication technology has eliminated the static password authentication technologies of safety defects. In the network application system, it avoids the security vulnerabilities and offers safety atuthencication much more.In this paper, the identity authentication techniques and the cryptographic techniques which refer to the paper are discussed firstly. Then identity authentication system characteristics and threats will be discussed under the network environment and expound the theory and implement of daynamic password based on the mechanism of challenge/response. Aimed at the potential safety problems such as hijacking security and server deception in CHAP agreement, an improved scheme is proposed. The new scheme integrates identity authentication and session key generated, supports both sides authenticating each other, and erects a secure channel between server and user. Network attack such as playback, network monitoring, disruption of normal conversation, and other network attacks can be keep away effectively. Meanwhile in order to prevent information leaking on the server side, the public key encryption is used to encrypt the saving information. Finally the scheme has been detailed design and implementation.