| With the rapid globalization of information, the network, as one of the informationtransmission methods, has already become a very important part in people's life nowadays,especially when China has become a network country due to the widespread of networkconstruction in recent years. But at the same time, network security becomes a problemwhich arouses more people's concern. In fact, there are more and more illegal activities byusing the network. Therefore, identity authentication, the important part of networksecurity technology, becomes a heated topic recently.Among all the identity authentications, password authentication is the one used most,and among which the one time password scheme draws most attention because of its highsecurity. This paper introduces the principle and the realization way of the one timepassword scheme at first, and then summarizes the defects of existing schemes bycomparing several kinds of common one time password schemes. Combining those withpublic key encryption and SSL protocol, a bidirectional authentication one time passwordscheme is designed. Then the concrete steps of the new scheme are given, and it is simplerealized by the B/S mode.During the design of the new scheme, SSL protocol is used to guarantee the safeexchange of keys between the server and the customers, so that the information can be sentto the other side correctly. Besides, the method of two random numbers is used tostrengthen the randomness of the password. The system is simply and flexible. It costslower, but is much safer. |
PDF Full Text Request