Research And Implement Of Identity Authentication System Based On Mobile Token

With the development of the IT technology and the network techonology,more and more people use the internet and information system to solve their problems. A lot of network and information system have to face more and more security risks than ever. Identity authentication acts as the first barrier to protect the system and plays a vital role in these aspects; it provides the most important secure service and builds the foundation of the access control.Most of identity authentication systems rely on password, it is very weak when faces modern tools' attack, and could not provide enough security for the information system. The problem could be solved by taking mobile authentication, but as a new authentication system, it is very hard to connect with existed authentication systems, especially operate systems ' author and access control mechanism.This paper first conducts the research and the analysis to the current commonly used identity authentication technology, and pay emphasis on the advantage and insufficiency about the token authentication and the password authentication. Based on this, this paper proposes a new token authentication scheme, which can closely integrate with the traditional authentication system to form a seamless interface, and use the corresponding authorization and the access control service directly and realized a prototype system. The paper's transform the challenge-response token authentication to password authentication, which solves the secure problem of the password authentication and take use of the author mechanism which is bonded to password authentication. In order to complete that, the paper has carried on the following work:·proposes a password recoverable challenge/response authentication protocol, which transforms the challenge/response token authentication to the password authentication, then this paper presents the concrete response code and the password recovery algorithm using identity-based digital signature scheme presented by Shamir. ·developed a mobile token software based on the lightweight crypt package from Bouncy Castle and the J2ME platform, and solved scheme's feasible problem;·realized the PC end and the token client end's uniform Big Integer operation interface Based on the expansion of the Big Integer class from Bouncy Castle, which plays a great foundation for the realization of the crypto-algorithm for the system prototype;·analyzed the implementation of Bluetooth Telecommunication Technology on the mobile and the PC, designed a telecommunication model between the mobile token and the PC end, and implemented this model by programming;·customized the Windows' GINA authentication module, realized the convergence between the token authentication system and the Windows operating system's authentication and authorization mechanism, implemented the development of mobile token authentication prototype system finally.The paper also carried on a comprehensive test of the authenticationprototype system, and discloses the related performance statistical data. The experimental result indicates that this system is easy to operate and the performance is good.