Authentication method for preventing replay attack

An authentication method with anti-replay technology, applied in the fields of electrical components and transmission systems, that addresses the problems of communication protocol or system complexity and increased system instability, and achieves the effect of ensuring accuracy.

Active Publication Date: 2012-10-17
SOUTH CHINA NORMAL UNIVERSITY +1

AI Technical Summary

Problems solved by technology

If a dedicated time synchronization protocol is used, the communication protocol or system becomes more complex, which increases system instability. If a loose time synchronization method is used, that is, the two services perform a three-way handshake and the server then calculates the maximum difference between their times, the system or protocol must be able to tolerate a certain period of delay or loss of synchronization, but some systems or protocols do not allow such delay or loss of synchronization.


Examples


Embodiment Construction

[0025] Referring to Figure 1, an authentication method against replay attacks comprises the following steps:

[0026] The client sends a login request message to the login authentication server;

[0027] The login authentication server generates authentication credentials that include a first timestamp Time_SignOn identifying the current time, and sends them to the client;

[0028] The client sends the service request, the authentication credentials from the login authentication server and the one-way data link value generated by itself to the application server;

[0029] The application server sends information including the authentication credentials and the one-way data link value to the login authentication server;

[0030] The login authentication server determines the correctness of the authentication credentials and calculates the time difference between the current time Time_Current and the first timestamp Time_SignOn of the authentication credential used to prove whether the user has...


Abstract

The invention discloses an authentication method for preventing replay attacks. The method comprises the following steps: the client obtains from a login authentication server an authentication credential carrying a first timestamp and transmits it, together with the service request, to an application server; a unidirectional data chain identifies the sequence of the user's requests; the login authentication server calculates the time difference between the current time and the first timestamp, packages the judging result, the time difference and the unidirectional data chain value into verification information, and transmits the verification information to the application server; the application server judges from the received unidirectional data chain value whether the verification information is a replay, and can further judge from the time difference and the judging result whether the service request is authenticated within the effective time. Time synchronization is not required, which avoids the added complexity of the system or protocol and the delay that synchronization causes. Applying the unidirectional data chain avoids the possibility that user requests are subjected to a replay attack.
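The three-party flow in the embodiment steps and the abstract, as an added Python sketch that is not code from the patent. The page does not say how the credential is protected or how the one-way chain is built, so the HMAC-SHA256 credential, the SHA-256 hash chain released in reverse order, the chain anchor bound into the credential at login, and all class and function names are assumptions.

```python
import hashlib, hmac, json, time

def H(b):
    return hashlib.sha256(b).digest()

def make_chain(seed, n):
    """Client side: return [H^n(seed), ..., H(seed), seed]; item 0 is the anchor."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    return chain[::-1]

class LoginServer:
    def __init__(self, key, clock=time.time):
        self.key, self.clock = key, clock   # only this server's clock is ever read

    def _tag(self, body):
        return hmac.new(self.key, body, hashlib.sha256).digest()

    def sign_on(self, user, anchor):
        # Assumption: the login request carries the chain anchor, bound into the credential.
        body = json.dumps({"user": user, "time_signon": self.clock(),
                           "anchor": anchor.hex()}).encode()
        return body, self._tag(body)

    def verify(self, credential, chain_value):
        body, tag = credential
        ok = hmac.compare_digest(tag, self._tag(body))
        # Time_Current - Time_SignOn, both taken from the login server's own clock.
        diff = self.clock() - json.loads(body)["time_signon"] if ok else None
        return {"valid": ok, "time_diff": diff, "chain_value": chain_value}

class AppServer:
    def __init__(self, login, max_age):
        self.login, self.max_age, self.last = login, max_age, {}

    def handle(self, credential, chain_value):
        info = self.login.verify(credential, chain_value)  # assumed trusted channel
        if not info["valid"]:
            return "rejected: bad credential"
        if info["time_diff"] > self.max_age:
            return "rejected: expired"
        body = credential[0]
        prev = self.last.get(body, bytes.fromhex(json.loads(body)["anchor"]))
        # A fresh value hashes to the last accepted one; a replayed or
        # out-of-order value does not.
        if H(info["chain_value"]) != prev:
            return "rejected: replay"
        self.last[body] = info["chain_value"]
        return "accepted"
```

The application server never reads its own clock: it only compares the reported time difference with its validity window, which is why the two servers need no synchronized time.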

Description

Technical field

[0001] The invention relates to the field of communication system authentication, in particular to an authentication method for preventing replay attacks.

Background technique

[0002] A replay attack, also known as a freshness attack, is one in which the attacker sends a packet that the destination host has already received in order to deceive the system. It is mainly used against the identity authentication process, undermining the correctness of the authentication. A replay attack continuously, maliciously or fraudulently, repeats a valid data transmission. The attacker uses network monitoring or other methods to steal the authentication credentials and then resends them to the authentication server, undermining the security of the authentication. For example, intercepting cookies by listening to HTTP data transmission or by other means and then submitting them is a kind of replay attack, which can easily copy other people's cookies to obtain co...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L29/06
Inventor: 赵淦森巴钟杰李子柳李惊生
Owner: SOUTH CHINA NORMAL UNIVERSITY