A Method Based On Dynamic Encryption Of The Host’s Identity Authentication In The Network Safety

The identity authentication is the method to identify the user by system, which is authenticity, legality and unicity. It mainly includes two authentication technology, the identity authentication based on the certificate and the identity authentication based on the password. The identity authentication based on the certificate is complex, makes the high cost, and has narrow range. The identity authentication based on the password is simple to realize, makes the low cost, and gets a lot of network application system attention. So the identity authentication uses the identity authentication based on the password widely, which has the great significance to the safety of the password authentication technology researching.The existing password authentication technology mainly has a static password authentication and dynamic password authentication. The dynamic password authentication is safer than the static password authentication. And in today’s network system the security problems are paid more and more attention, so the dynamic password authentication is imminent. At present, the dynamic identity authentication methods mainly contain the challenges/response, the time synchronization and SAS-2 and so the authentication way, in which SAS-2 dynamic authentication methods do not need to separate hardware configuration, and make the cost low, those are suitable for today’s network system, but still have defects. They have no ability to resist middleman attack and denial of service attacks, but the denial of service attacks is 80 percent of network attacks. So the study of a higher safety and efficiency of the dynamic password authentication method (hereinafter referred to as dynamic identity authentication method) has the very vital significance to the safety of network authentication.This paper mainly discusses and researches the following aspects:First, the concepts of synchronous data set, the authentication data set, the authentication request and the authentication reply are given out. The authentication request uses MAC parameters to resist the denial of service attack, and the synchronous data sets can realize the target of resistance to broker attack. And combined with RSA encryption transmission algorithm, the RSAS method is proposed based on the dynamic identity authentication, and improves the original SAS-2 safety defects.The second, a kind of credible detection algorithm MTC (My Trust Checking) is proposed, using the wrong-checking function to analysis the user’s password, which improves the error’s testing rates and can detect illegal user’s login rapidly.Third, the concept of the user login credible indicator collection is given out. They update credible login indicator according to the real-time login situation. Combined with RSAS algorithm and MTC algorithm, a new type of dynamic identity authentication methods MRDP (MTC-RSAS Dynamic Password) is proposed, not only improves the security, but also improves the login efficiency of the super credible user.Fourth, the network safety method based on the dynamic identity authentication is proposed, which combines the identity authentication with access control mechanism effectively, and simplifies the traditional network security model.Fifth, the feasibility and effectiveness of the algorithms put forward in this paper is verified by the simulation experiment, including the RSAS algorithm, MTC algorithm and MRDP algorithm.