###
DOI:
工程科学与技术:2010,42(2):154-159
←前一篇   |   后一篇→
本文二维码信息
码上扫一扫!
基于双随机软输入模型的一次性口令认证方法
(西南交通大学CAD工程中心)
One-time Password Authentication Based on Double Random Soft Input Model
(CAD Eng. Center,Southwest Jiaotong Univ.)
摘要
图/表
参考文献
相似文献
本文已被:浏览 1850次   下载 0
投稿时间:2009-09-27    修订日期:2009-11-19
中文摘要: 针对现有的一次性口令认证技术在B/S模式下应用的局限性,提出了基于双随机软输入模型的一次性口令认证方法。该方法的核心思想是,当用户需要输入认证口令时,认证服务器动态生成双随机输入软键盘,即每次生成的软键盘的界面接口布局是随机的,且其接口对应的输入字符也是随机的。研究结果表明该方法不需要在客户端进行任何计算,就可保证每次在客户端输入的口令及在网络上传输的认证口令由若干组不同的随机字符串组合而成,有效解决了口令认证中的捕获/重放攻击、内存截获及输入截获攻击问题。
Abstract:The existing one-time password authentication technology was analyzed. To overcome its limitations on B/S application mode,a soft input model based on double random input unit was put forward. When the user need to input authentication password, the authentication server dynamically generates double random input soft keyboard, the interface layout of soft keyboard generated by the authentication server each time is random, and its interface to the corresponding input character is also random. The study results showed that based on this method, the password entered in client and password transmitted over the network are mapped to several groups of different random string each time without any computing in client, and effectively solves some password authentication problems including the capture/replay attack, memory and input intercepted assault.
文章编号:200900878     中图分类号:    文献标志码:
基金项目:国家科技支撑计划(2006BAF01A48);四川省科技计划资助项目(2008GZ0007)
作者简介:
引用文本:
陈静,孙林夫.基于双随机软输入模型的一次性口令认证方法[J].工程科学与技术,2010,42(2):154-159.
Chen Jing,Sun Lin Fu.One-time Password Authentication Based on Double Random Soft Input Model [J].Advanced Engineering Sciences,2010,42(2):154-159.