| The access control method used by most of the current network system is the traditional static password authentication technology, depending on match of the username and password to confirm the user’s legitimacy.However, with the high spread development of network technology, static password authentication method is faced with a lot of security, but to based on the whole CA system, the technique is complex and cost high. In view of the above questions, the expert put forward on the one-time password OTP(One-Time Password).The principle of OTP is that adding the dynamic factor while user logins server, the password is different each time, after the system receives the password, it will do a check to verify the user with the corresponding algorithm, OTP is a digest certification, can resist interception attacks and replay attacks, and is a practical, safe and effective certification technique..This paper found that S/KEY system for decimal attack, false server attack and may cause the deficiency of the server, and given the improved one-time password authentication system. On account of this problem, an improved one-time password authentication system is proposed:on the one hand, the server sends challenge information in accordance with encrypted user information from the client through comparing decrypted the random number, verifying the authenticity of the server. In this way, it can effectively achieve the client/server two-way’s authentication. The system increases security of one-time password authentication and the implementation of high-strength authentication. The system can be a good solution to all types of enterprises and institutions of the network access authentication and communication confidentiality. |
PDF Full Text Request