基于一次口令的认证协议设计与实现
发布时间:2019-04-08 12:16
【摘要】:互联网络的快速发展给人们的生活带来了极大的便利。认证是互联网络安全的最基本要素,能够实现用户与服务商之间彼此身份确认。由于其独有的 长度短、容易记‖特性,口令认证协议已成为当前互联网络认证的主要技术。然而,近年来的 密码泄露‖事件,表明了当前主流的静态口令技术存在着严重的安全隐患。 在总结已有公钥认证协议、对称密钥认证协议以及口令认证技术的基础之上,本文设计并实现一套安全高效的基于一次口令认证体系。主要的内容包括以下三个方面: (1)设计一个基于一次口令的两方认证协议,所设计的协议无需在服务端存储用户口令,并且用户端仅仅执行哈希函数、异或等操作,能够有效地降低用户端的计算开销。 (2)在一次口令两方认证协议的基础之上,设计一个基于一次口令的三方认证协议。用户能够通过注册服务器与其他授权服务器进行相互认证。 (3)在Eclipse环境中使用JAVA语言,实现本文所提出的两个认证协议,并且对协议的性能进行了测试,测试结果表明所提出的协议具有很好的性能。
[Abstract]:The rapid development of Internet has brought great convenience to people's life. Authentication is the most basic element of Internet security, which can realize the identification between users and service providers. Due to its short length and easy to remember, password authentication protocol has become the main technology of Internet authentication. However, the password leakage in recent years shows that there are serious security risks in the current mainstream static password technology. On the basis of summarizing the existing public key authentication protocol, symmetric key authentication protocol and password authentication technology, this paper designs and implements a secure and efficient one-time password authentication system. The main contents include the following three aspects: (1) Design a two-party authentication protocol based on one-time password, the protocol does not need to store user password on the server side, and the client only performs hash function, XOR and so on. It can effectively reduce the computing overhead of the client. (2) on the basis of two-party authentication protocol, a three-party authentication protocol based on one-time password is designed. Users can authenticate with other authorized servers through the registration server. (3) using Java language in Eclipse environment, the two authentication protocols proposed in this paper are implemented, and the performance of the proposed protocol is tested. The test results show that the proposed protocol has good performance.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
本文编号:2454566
[Abstract]:The rapid development of Internet has brought great convenience to people's life. Authentication is the most basic element of Internet security, which can realize the identification between users and service providers. Due to its short length and easy to remember, password authentication protocol has become the main technology of Internet authentication. However, the password leakage in recent years shows that there are serious security risks in the current mainstream static password technology. On the basis of summarizing the existing public key authentication protocol, symmetric key authentication protocol and password authentication technology, this paper designs and implements a secure and efficient one-time password authentication system. The main contents include the following three aspects: (1) Design a two-party authentication protocol based on one-time password, the protocol does not need to store user password on the server side, and the client only performs hash function, XOR and so on. It can effectively reduce the computing overhead of the client. (2) on the basis of two-party authentication protocol, a three-party authentication protocol based on one-time password is designed. Users can authenticate with other authorized servers through the registration server. (3) using Java language in Eclipse environment, the two authentication protocols proposed in this paper are implemented, and the performance of the proposed protocol is tested. The test results show that the proposed protocol has good performance.
【学位授予单位】:西安电子科技大学
【学位级别】:硕士
【学位授予年份】:2014
【分类号】:TP393.08
【参考文献】
相关期刊论文 前1条
1 冯登国;可证明安全性理论与方法研究[J];软件学报;2005年10期
,本文编号:2454566
本文链接:https://www.wllwen.com/guanlilunwen/ydhl/2454566.html
