Design And Implementation Of Password-based Authentication System

With development of information network, more and more people would rathertrade on internet or top-up on internet. Telecommunication business offers the service ofpaying the bill via credit card or online back. It makes people’s life easier and moreconvenient, but in the meantime, the security of network is being challenged. Sincepassword-based authenticated key agreement protocol is easy and effective, it is oftenused to verify the validity of identity when user or sub-system log in host under adistributed environment and decide if authorize the resource. However, most passwordsuses static-password. Static-password is easy to leak so that it causes password-basedauthentication system is also easy to attack and unsafe. Dynamic password is one-timeand dynamic so that it can strengthen the protection of password. Researching ongeneration of the effective and reliable dynamic password is able to makepassword-based authentication system safer.This paper first introduce that the background of the research and the researchsituation domestic and overseas. Then it introduces one-time password authenticationscheme. To strengthen the security and integrity of data, it has to bring knowledge aboutdiscrete logarithm. This paper also introduces the basic knowledge about discretelogarithm. Including basic math knowledge, how to get generator, AES arithmetic andhash function. And based on the difficulty of discrete logarithm in finite fields, thispaper presents password-based authentication protocol. It also brings some conceptsabout big prime number and multiplicative group which make system can generateeffective and reliable dynamic password when it logins on every time. It can ensure thereliability of login and generate the dynamic secret key to make the communicationmessage is transferred safely between customer and server.Under Visual C++6.0, it designs and realizes the password-based authenticationsystem. General design all modules, including customer module, server module,database module and communication module in registration protocol, and customerlogin module, server login module, customer chat module, server chat module, logmodule, database module and communication module in login protocol. And based on the difficulty of discrete logarithm in finite fields, the paper designs a system whichclient and server will identify the validity of each other via encryption algorithm ondiscrete logarithm. Aftler identification, it will create a new secret key, and achieve thesafe communication via AES arithmetic. Finally, it completes the system test to ensurethe availability of system.