| With the development of global information and the popularization of Internet, the security of computer networks has become the focus of concern gradually. The computer networks brings so many security vulnerabilities and attacks because of its open character. The network resources can be accessed and copied easily. So it is very important to carry through the identity authentication for people who want to access the network resources. Nowadays, there are several security services in the network communication, such as identity authentication,access control, confidentiality, integrality and anti-negation, As the first line of defense in the security application system, identity authentication is the most important security services, all of others depending on it, and the whole system will be defeated if identity authentication lost. So, identity authentication is one of the most important technology in Network Security.The technology of identity authentication based on the static password is common. The characteristics of this technology is easy to use and authenticate the users' identity safely and availably. As the applications of networks develop deeply and the means of attacking become variety, the technology of static password authentication can not meet the needs of network system which needs security requirements because it's security vulnerabilities. The main attack means to the static password authentication technology are: the users' non-cryptograph password can be wiretapped from the network and the cryptograph password can be suffered record/replay attack. Other attacks means include forge host attack, inside attack and dictionary attack etc.The information security experts bring forward the technology of One-Time Password Authentication for the static password authentication's security vulnerabilities. This technology means the password for identity is only used one time and differently with adding indeterminable genes every time. The system can validate users by the same algorithm when receives the password.The One-Time Password is an identity authentication technique, which does not needs the third party as CA(Certificate Authority). It takes advantage of the "one time one cipher" , and can avoids the security vulnerabilities and offers safety authentication much more.In this paper, An one-time password authentication scheme, which implements two-way authentication for B/S structure ,is designed with RSA, AES, MD5 encryption algorithms , combinated with ordinary password, picture passwords, server identification technologies. this authentication scheme is efficient, safe, reliable, flexible. |
PDF Full Text Request