Research And Implementation Of Dynamic Key Management Scheme Based On The Android System

With the rapid development of computer network technology, network securitythreats followed. As the wide application of user identity authentication system, to setup and improve the system security is meaningful, also is the focus of the currentnetwork security research.Generally based on the static password authentication, user accounts arevulnerable to be attacked, requriment has been completely unable to meet its systemof higher security. In addition, clear information in the process of networktransmission is also blocked. Symmetric encryption algorithm can effectively resistthe capture of the network eavesdropping on clear, but the Shared secret key securityissues of symmetrical secret is limited the use of the environment.According to these security issues we mainly do the following:First of all, in this paper, the principle of dynamic password technology,characteristic has carried on the detailed research, its security is analyzed in detail.Established the algorithm of dynamic password, the core algorithm of dynamicpassword, etc. Dynamic password technology can effectively make up for the staticpassword security flaw in identity authentication system.Second, the traditional dynamic password token lack of communication with theauthentication server capabilities, research and design a kind of dynamic token basedon the Android system, which based on the NTP protocol is used to set time error wayto adjust the token with the server the dynamic factor of the error. Token encapsulatesafter data encryption and authentication server in an XML document, using the HTTPprotocol to transmit.Finally, based on the dynamic token of the Android system, and designed a kindof dynamic management of AES encryption key key management system. Using thedynamic password token of extension after algorithm as the dynamic key of AES.Allows the user for each data when interacting with the server using encryptionalgorithm has a different key, improved the security of the system of keymanagement.This system can be applied to dynamic authentication, user login to the identity ofthe users at the same time to the effective management of the user and the server for symmetric encryption information interaction of the Shared secret. Asymmetricencryption can applied to more complex network environment.