一种基于数字签名的动态身份认证机制研究与设计
发布时间:2018-07-16 20:59
【摘要】:伴随当今网络广泛普及,产生诸多安全问题,如恶意软件肆虐(像蠕虫病毒Flame)、黑客攻击(像维基解密网站遭受持续攻击)、个人隐私泄密(像LinkedIn用户密码(password)泄露、云存储Dropbox账户被盗)、操作系统安全(像Android系统)以及棱镜门事件等网络安全事件。当下,信息科技产生的网络安全问题已经上升到国家战略高度。在众多网络安全策略中,身份认证是网络安全的基础。 文中分析了传统静态密码身份认证机制及其种种弊端,这类弊端使得它无法保障其安全性,因此动态密码认证技术应运而生。然而传统动态密码身份认证仍然存在认证效率低,安全强度不高的缺陷。文中对密码学技术及相关理论、数字签名技术以及动态密码身份认证技术进行了深入研究,,提出了本文改进的动态密码身份认证机制。 本文采用将MD5密码算法、改进的ELGamal密码算法以及登陆次数相结合,并对其所涉及的各个环节进行了改进,比如ELGamal算法中的大素数生成阶段,大数幂模运算,数据库存储数据方面以及认证机制过程等进行了改进,设计了一个基于挑战/应答的改进的动态双向身份认证机制,使其具有更高的安全性和效率。最后对其性能、安全性和精确度等方面进行总结和分析,最后将这种认证机制应用在了云平台上。
[Abstract]:With the popularity of the Internet today, there are many security problems, such as malware (like the worm Flame), hacker attacks (like WikiLeaks continued attacks), personal privacy leaks (such as (password) user password leaks, etc.) Cloud storage Dropbox account stolen), operating system security (such as Android system) and prism gate events and other network security events. At present, the network security problem caused by information technology has risen to the national strategic height. Among many network security policies, identity authentication is the basis of network security. This paper analyzes the traditional static cryptographic identity authentication mechanism and its drawbacks, which make it unable to guarantee its security, so dynamic cryptographic authentication technology emerges as the times require. However, the traditional dynamic cryptographic authentication still has the defects of low efficiency and low security intensity. In this paper, the cryptography technology and related theory, digital signature technology and dynamic cryptographic authentication technology are deeply studied, and the improved dynamic cryptographic identity authentication mechanism is put forward in this paper. In this paper, the MD5 cryptographic algorithm, the improved ELGamal cryptographic algorithm and the login times are combined, and the various links involved in the algorithm are improved, such as the large prime generation stage in the ElGamal algorithm, the operation of the large power module. The database storage data and authentication mechanism are improved. A dynamic bidirectional authentication mechanism based on challenge / response is designed to make it more secure and efficient. Finally, the performance, security and accuracy are summarized and analyzed. Finally, the authentication mechanism is applied to the cloud platform.
【学位授予单位】:河北工业大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
本文编号:2127654
[Abstract]:With the popularity of the Internet today, there are many security problems, such as malware (like the worm Flame), hacker attacks (like WikiLeaks continued attacks), personal privacy leaks (such as (password) user password leaks, etc.) Cloud storage Dropbox account stolen), operating system security (such as Android system) and prism gate events and other network security events. At present, the network security problem caused by information technology has risen to the national strategic height. Among many network security policies, identity authentication is the basis of network security. This paper analyzes the traditional static cryptographic identity authentication mechanism and its drawbacks, which make it unable to guarantee its security, so dynamic cryptographic authentication technology emerges as the times require. However, the traditional dynamic cryptographic authentication still has the defects of low efficiency and low security intensity. In this paper, the cryptography technology and related theory, digital signature technology and dynamic cryptographic authentication technology are deeply studied, and the improved dynamic cryptographic identity authentication mechanism is put forward in this paper. In this paper, the MD5 cryptographic algorithm, the improved ELGamal cryptographic algorithm and the login times are combined, and the various links involved in the algorithm are improved, such as the large prime generation stage in the ElGamal algorithm, the operation of the large power module. The database storage data and authentication mechanism are improved. A dynamic bidirectional authentication mechanism based on challenge / response is designed to make it more secure and efficient. Finally, the performance, security and accuracy are summarized and analyzed. Finally, the authentication mechanism is applied to the cloud platform.
【学位授予单位】:河北工业大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前10条
1 张峰,王小妮,杨根兴;一种安全的身份认证系统——动态口令认证系统[J];电脑开发与应用;2002年04期
2 瞿白;;大数的生成和素性检验[J];电脑知识与技术;2010年26期
3 阮卫华;;云计算技术在互动电视的实践与探索[J];电脑知识与技术;2011年29期
4 孙磊;戴紫珊;郭锦娣;;云计算密钥管理框架研究[J];电信科学;2010年09期
5 张亮,张加亮;动态身份认证方案及应用[J];重庆大学学报(自然科学版);2004年07期
6 李育裕;韩坚华;;指纹与密码体制相结合的认证方案研究与实现[J];广东工业大学学报;2010年01期
7 汤鹏志;李彪;;基于频率的大素数高效生成算法[J];华东交通大学学报;2011年05期
8 夏培肃;量子计算[J];计算机研究与发展;2001年10期
9 叶锡君,吴国新,许勇,束坤;一次性口令认证技术的分析与改进[J];计算机工程;2000年09期
10 陈立志,李凤华,戴英侠;基于动态口令的身份认证机制及其安全性分析[J];计算机工程;2002年10期
本文编号:2127654
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2127654.html
