| As the popularity of computer technology and the rapid development of Internet, computer network have penetrated into all aspects of social life. Especially, E-government, e-commerce, online games and other online business have sprung up in every corner of our life with the information construction accelerating in recent years. However, the network environment is filled with complexity and uncertainty because of its globalization and opening, which makes it suffer variety of attacks and fake. Deliberate attacks, tampering, eavesdropping, implant viruses, Trojans, malicious intrusions and illegal access to important information resources and network infrastructure have brought great threat. Therefore, it has been a problem that how to ensure computer network security, which has become the focus that all the country concern.Identity authentication is the indispensable part to construct network information system security, as well as the basis of information security. Currently, digital signature authentication and password authentication are common identity authentication methods. Certificate-based digital signature provides high security, which requires a complete certificate-based system correspondingly. As one of the earliest authentication technology, password authentication has been widely developed and applied for its simplicity and practicality. Instead of traditional static password authentication with obvious security weakness, dynamic password technology came into existence. It is raised as a way of certification where the password changes randomly every time. In order to improve the safety of the login process, uncertain factors are added in the password so that the information which is transferred during certification process is different.This paper mainly completed the following aspects of the work:(1) A description is made on the background, value and significance about research, in which the current research status is highlighted.(2) A survey is discussed on the development and classification of typical dynamic password authentication technology, with a comparison between several different mechanisms to achieve in details.(3) With the analysis of advantages and disadvantages on a couple traditional dynamic password authentication strategies, a new dynamic password authentication scheme is proposed, which is based on Challenge/Response mechanism, at the same time symmetric encryption and hash function is combined. The design of the scheme improves the existing security flaws. In addition, a comprehensive performance evaluation is carried out. (4) The scheme is implemented and tested, by means of applying it to a prototype system of teaching management software as a sub-module of identity authentication system. Performance and security testing proves that this scheme not only achieve mutual authentication between server and client under the network environment, but also has the advantages of high safety, strong practicability, low cost etc., which can be used as identity authentication protocol in most insecure network channels. |
PDF Full Text Request