Research And Implementation Of A Security Client Based On Password Authentication With Dynamic Soft Keyboard

With the continuous development of science and technology, the application of information technology is getting more and more widespread, and Internet is used widely, those all make sharing of information more general. The electronic transaction's scale expands unceasingly, online bank, e-commerce applications has been integrated into our lives, but opening and sharing has also brought the risk of information security, how to protect the security of transactions has become an issue, particularly the client side is relatively fragile,. The user's password may be stolen when login system, those all need the security client to safeguard the user's information security.The security client is used in the copyright protection, the national defense and other domains, but mostly used in online bank and e-commerce. The first online bank Security First Network Bank (SFNB) was born in Atlanta in 1995. In March of 1996, China's first online banking transaction was successfully done in Bank of China. Our country has also assigned the related policies and standards of online banking, and made the instruction to its security, strengthened control of the online banking's security and risk.Generally speaking, the security client login to the server and get authentication mainly in the following two ways: The first category is based on digital certificates. The certificates can be stored in the local computer or using USB key. The second category is using user name and password: it consists of two methods, using static password and dynamic password. The static password is rare used in general. When we use dynamic password, we can use soft keyboard or use security controls. In addition, you can use dynamic password lock.In this thesis we design a password-based protocol mainly from the development of the security client and the application demand, the user uses the dynamic soft keyboard to input password, identity of the user's status is verified by a password-based protocol. This greatly improves the security of the login system, and ensures that the user's password is not stolen. This security client system may use in online banking and other login system which need high security requirements.In this thesis, the security of the system design and analysis are discussed, When the user login register page, the server side dynamically generates 1024-bit public key and private key of RSA, sends the public key to the client, the user input the password and calculate hash digest by the applet, and then use public key to encrypt the hash digest, sends back to the server side. Some registration system transmits user's password in the cleartext over network, and server calculate hash digest of user's password, but in this way user's password is very easy to be stolen; Some registration system calculates the password's hash digest in the client then sends to the server, but we do not use this kind of plan, this mainly due to: in the login system, the client and server will use the user's password hash digest H(P) as a key to encrypt a randomly generated information. If we use this plan, the hash digest may be stolen when the user try to register, and it is not good for the security of the system. In addition, if H(P) is stolen, the attacker may obtain P through dictionary attack.This article designs and implements an effective password-based authentication protocol against dictionary attacks. The password-based authentication protocol in this thesis draws on the EKE protocol, in the application of B/S mode, it streamlined the steps of the authentication, so that it has less times of the interactive; it do not need to save the user's password or password hash digest in the local; it uses symmetric encryption and asymmetric encryption. The secret information transmitted in the process of certification is encrypted random number and random public key, it does any sensitive information, the attacker can not do a dictionary attack against the password.The protocol has following steps: (1)The user sends its ID to server. (2)The server side uses the user's password hash digest H(P) as a key to encrypt a random number Rs generated in the server and a public key E generated in the server, and then return them to the client.(3) In the client only, the user input the password and calculate the hash digest, and then uses public key E to encrypt random number Rs and obtains E(Rs). The client generates a random number Rc, encrypts Rs, Rc with E to obtain E(Rs, Rc), encrypts Rc with E, obtains E(Rc), sends E(Rs, Rc), E(Rc) back to in the server. (4)The server carries take out corresponding private key D, deciphers E(Rc) with D, obtains Rc; Deciphers E(Rs, Rc) with D, check them with formerly transmitted Rs and fromer deciphed Rc, if they all match, the user has be identified. The client take Rs and Rc as a whole, and calculate its hash digest, get H (Rs, Rc), take H (Rs, Rc) as a session key and then the client can send ciphertext to the server,Even if H (Rs, Rc) is stolen, the attacker can not obtain the password P, so this can prevent the Denning-Sacco attack.During the authentication process, the user's password hash digest was used to encrypt a random number Rs and random public key E. If there is an attacker who would like to make offline dictionary attack against password, the attacker selects a candidate password P', calculate the hash digest H(P') as the decryption key R, decrypt R(E) and R(Rs), and get E' and Rs'. Because Rs is a random number without any sensitive information, and E is a randomly generated public key without any sensitive information, so that the attacker cannot determine whether the candidate password P' is a real password P, so that it could not do offline dictionary attack against password P. The server uses D, decrypts E(Rs,Rc) to authenticate the user's status, and the Rc is randomly generated, it does not contain any sensitive information, and does not have not any relationship with the user's password P, it is used as a added salt value, which has increased random factors in the process of authentication, an attacker might expect to decrypt E(Rc), obtain the Rc, calculate E'(Rs',Rc) and check it whether it is equal to E(Rs,Rc), if it is equalis ,the attacker gets the user's password P by doing dictionary attack. But only the server - side can have D and can decrypt E(Rc), an attacker can even get E (Rc), but it cannot be decrypt, so this can prevent offline dictionary attacks. For online dictionary attack, if an ID tries to login in and always fails, disables this ID for loginning.The security client uses a secure password-based authentication protocol, In addition, we use high-strength encryption measures, uses AES encryption algorithm which is considered relatively secure now, uses the user's password hash digest as a seed of secure random number to generate AES key. 1024-bit RSA is now considered relatively secure, there is no good way in a short time to attack 1024-bit RSA, its private key is saved in the server side. Even if the confidential information is stolen when transmit, the attacker can not obtain session key.The user use dynamic soft keyboard to input password, prevents the user to use keyboard input password, and prevent software which can record the keyboard strike information to steal user's password. In addition, in the user input password's page, using iframe method, prevents an IE browser's flaw, which can cause the user's password be stolen through the IHTMLInputTextElement. In the security client the applet is used to encrypt and decrypt the user's password, but the bytecode file has many debug information, which makes it easy to decompile the file and get the source code. We use obfuscator to make the bytecode of the applet confused, so if the class file of applet is decompiled, it is more difficult to understand. The confused bytecode of class file has the same function with the original one, so the bytecode of applet is confused before release, this can improve security, hidden the handling details of password in the client.Security client system is divided into registration system and login system, after login the system, it can transmit ciphertext. In this thesis, the client is based on Internet Browser, and useing the soft keyboard to input password, and the number keys are dynamically arranged, the soft keyboard is implement by CSS and JavaScript; the user's password is encrypted by applet in the client, and the bytecode of applet is confused before release; In the server side we use JSP technology with database in the server side to deal with the request of the user's registration and identity the user, and decrypt the ciphertext.The security client in this thesis can be used for online banking's login system which requires high security, it can effectively enhance the security of login system based on user name and password.