| With the development of computer network and the popularization of Internet, the problem caused by network security becomes important, in fact, there are more and more illegal activities by using the network. The security of Internet is becoming more emphasized, as the first protecting line of the network application system, the identity authentication is used to verify the real identity of users, and prevent the sensitive data from being stolen by attackers.Among all the identity authentications, using password is in the most common usage, and the One-Time Password gets more attention because of its high security. This paper introduces the principle and the realization way of the One-Time Password scheme at first, and then analyzes the traditional OTP system S/KEY and some currently existing improving scheme which combining cryptographic algorithm,summarizes the defects which exist in these schemes, then designes a improving OTP scheme which can realize bidirectional authentication using symmetric cipher algorithm DES and asymmetric encryption algorithm RSA. The thesis elaborated the principle of the new scheme, explained the detail design of the system, and realized it with C/S mode by coding, designed and explained the realization with B/S mode.The new scheme using RSA to realize the bidirection between client and server, using two random numbers which exist both in client and server to make up the challenge, sharing a checking random number T and a step number to to prevent the system from being attacked by third party, using DES to realize some additional function after authentication, during the authenticate process, the session key K was transmitted, the message which transport on the net can be encrypted by the K after authentication, thus can guarantee the continuity of authenticating. The whole system has the features of simpleness, flexibility, cheapness and high security. |
PDF Full Text Request