Personal identification process for dynamic cipher password bidirectional authentication based on multiple variables

A dynamic password and two-way authentication technology, applied in the fields of two-way authentication and information security, that addresses the problems of authentication systems being difficult to deploy on a large scale, difficult for users to use, and costly to build.

Status: Inactive. Publication date: 2009-06-10
北京唐桓科技发展有限公司

AI Technical Summary

Problems solved by technology

Existing two-way authentication protocols are mostly implemented with digital certificates (PKI). Systems that use digital certificates for two-way authentication, however, are difficult for users to operate, costly to build, and incompatible with existing systems, which then need modification. The high cost and long time involved make digital certificate systems difficult to deploy on a large scale.
Some systems simply use mutual challenge/response between the server and the client for two-way authentication, which also leaves certain security holes (such as parallel session attacks).


Examples


Example 1

[0052] This example demonstrates the user's normal login process; the schematic diagram is shown in Figure 4.

[0053] In the first step, the client submits the user account "Test001" and the static password "MyBirthDay+1" to the server, and the user's IP address is "61.134.1.1". After the authentication server receives the data submitted by the user, it retrieves the relevant authentication information according to the user account and verifies that the user's static password is correct. It then sets the flag Fs to 1, increases the synchronization counter value Ns by 1 (that is, from 0 to 1), and records the user's IP address.

[0054] In the second step, the authentication server sends the generated dynamic password "17297397" to the user, and the user judges the authenticity of the server based on this password. The user receives the password sent by the server, and then generates a password on his own password token. At this time, the synchronization counter value ...

Example 2

[0057] This example demonstrates the principle of preventing the "Treasure Terminator" Trojan horse attack. The schematic diagram is shown in Figure 5.

[0058] Suppose the attacker has obtained the user's account and static password from Example 1 by using the "Mibao Terminator" Trojan or other Trojans, has intercepted the dynamic password "95017043" submitted by the user to the authentication server in the third step of the authentication process, and has modified the content of the user's authentication data packet, so that the user's dynamic password authentication was unsuccessful. At this time, the state of the authentication server is as follows: the synchronization counter value Ns=2, and the static password authentication success flag Fs=0. The following is the authentication process after the attacker obtains the user's dynamic password:

[0059] The attacker enters the user account "Test001" and the static password "MyBirthDay+1" on the clien...

Example 3

[0063] This example demonstrates the principle of preventing the "parallel session attack"; the schematic diagram is shown in Figure 6.

[0064] The so-called "parallel session attack" means that the attacker deliberately runs multiple protocol processes concurrently, in an attempt to obtain the answer required by one process from the other running processes.

[0065] In the first step, the attacker enters the user name "Test001" and the correct static password on the machine whose IP address is "61.138.1.2". After the server passes the authentication, a password "20014829" is sent to the attacker. In order to obtain this password, the attacker then enters the user name "Test001" and the correct static password on another machine whose IP address is "61.138.1.3"; after verification the server sends a password "07196154", and the attacker can then, after completing the first authentication process, enter the password "07196154" on the machine whose IP address is "61.138.1.2", and the synchr...
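The server-side state described in Examples 1 to 3 (flag Fs, counter Ns, recorded IP address), as an added sketch that is not code from the patent. RFC 4226 HOTP stands in for the patent's password generator, which this page does not describe, so the passwords it produces differ from those quoted above; the method names `step1` and `step3`, the seed, the attacker address, and the rule that every step-3 attempt clears Fs and advances Ns are assumptions chosen to reproduce the Ns=2, Fs=0 state given in Example 2.

```python
import hashlib
import hmac
import struct

def otp(key: bytes, counter: int, digits: int = 8) -> str:
    """RFC 4226 HOTP; an assumed stand-in for the patent's generator."""
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

class AuthServer:
    """Per-account state named as in the examples: Fs, Ns, recorded IP."""
    def __init__(self, static_pw: str, key: bytes):
        self.static_pw, self.key = static_pw, key
        self.Fs, self.Ns, self.ip = 0, 0, None

    def step1(self, static_pw: str, ip: str):
        """Check the static password; return the server's dynamic password."""
        if not hmac.compare_digest(static_pw.encode(), self.static_pw.encode()):
            return None
        self.Fs, self.ip, self.Ns = 1, ip, self.Ns + 1
        return otp(self.key, self.Ns)

    def step3(self, client_otp: str, ip: str) -> bool:
        """Verify the client's dynamic password (assumed transition rules)."""
        if self.Fs != 1 or ip != self.ip:
            return False                # no pending login from this address
        self.Fs = 0                     # one attempt per static-password check
        self.Ns += 1                    # counter advances even on failure
        return hmac.compare_digest(client_otp.encode(), otp(self.key, self.Ns).encode())

def demo():
    key, pw = b"constructed-demo-seed", "MyBirthDay+1"  # seed is constructed
    srv = AuthServer(pw, key)           # Example 1: normal login
    srv.step1(pw, "61.134.1.1")
    normal = srv.step3(otp(key, 2), "61.134.1.1")
    srv = AuthServer(pw, key)           # Example 2: intercepted password replayed
    srv.step1(pw, "61.134.1.1")
    intercepted = otp(key, 2)           # token output the Trojan captured
    srv.step3("tampered", "61.134.1.1")  # altered packet fails at the server
    state = (srv.Ns, srv.Fs)
    srv.step1(pw, "203.0.113.7")        # attacker address is constructed
    replay = srv.step3(intercepted, "203.0.113.7")
    srv = AuthServer(pw, key)           # Example 3: two concurrent sessions
    srv.step1(pw, "61.138.1.2")
    second = srv.step1(pw, "61.138.1.3")
    cross_ip = srv.step3(second, "61.138.1.2")   # recorded IP is now .3
    same_ip = srv.step3(second, "61.138.1.3")    # server expects counter 3
    return normal, state, replay, cross_ip, same_ip
```

`demo()` returns the outcome of the normal login, the server state after the tampered packet, and the results of the replay and parallel-session attempts; in this model the stale passwords are rejected because the counter has already moved past the value they were generated for.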


Abstract

The invention provides an identity authentication method based on multi-variable dynamic password two-way authentication. The core of the invention is a dynamic password generation technique that uses event synchronization; a secure authentication flow is established by adopting a method in which the client end synchronizes the server end. The technique not only prevents the various existing attack methods but is also fully compatible with existing network application systems based on static password authentication. It has low system upgrade and modification costs, requires little time to upgrade and modify a system, and leaves the user's habits unchanged; moreover, a user can decide independently whether to select this strong identity authentication method to protect an account, so the method meets the security needs of users at different levels.

Description

Technical field

[0001] The present invention relates to identity identification and authentication technology in the field of information security, in particular to the technical field of dynamic password encryption based on one-time pad and the technical field of bidirectional authentication in network systems based on B/S and C/S frameworks.

Background technique

[0002] Identity authentication is an indispensable and crucial step to ensure the safe and stable operation of the system. When the user accesses the application system, he should first verify whether the user's identity is consistent with the claimed one through some authentication mechanism. Currently commonly used identity authentication technologies include static password authentication and dynamic password authentication.

[0003] The static password authentication method adopts the authentication method of "user account + static password = someone's identity", and the password is set by the user. When lo...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L29/06, H04L9/32
Inventor: 李春林, 李军平
Owner: 北京唐桓科技发展有限公司