Unlock instant, AI-driven research and patent intelligence for your innovation.

Password authentication method for preventing server-side information from being leaked

An information leakage, server-side technology, applied in the network field, can solve the problem that passwords are vulnerable to offline dictionary attacks, and achieve the effect of wide applicability and security protection

Inactive Publication Date: 2015-06-24
INST OF INFORMATION ENG CAS +1
View PDF5 Cites 8 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0006] In order to solve the problem that passwords are vulnerable to offline dictionary attacks due to the small user password space, the present invention proposes a password authentication method that resists server-side information leakage without adding token devices such as smart cards from the user side

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Password authentication method for preventing server-side information from being leaked
  • Password authentication method for preventing server-side information from being leaked

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0030] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be described in detail below in conjunction with specific embodiments and with reference to the accompanying drawings.

[0031] In this embodiment, the user registers on an application system (assumed to have registered on TTP) through TTP and completes the system login through TTP for illustration, wherein the length of the key k of TTP is 128 bits, and f adopted is SHA -256 algorithm, the specific process is as follows:

[0032] 1. Registration process

[0033] like figure 1 As shown, the registration process of a user in an application system is as follows:

[0034] 1) The user sends the application identifier AI that wishes to register an account, the account name user of his choice, and the login password pw to TTP through a secure network channel;

[0035] 2) TTP takes its key k and the (AI, user, pw) sent by the user as the input of f, ca...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a password authentication method for preventing server-side information from being leaked. The method comprises the steps that 1, a user sends a selected application identifier (AI), an account name user and a login password pw to a trusted third party (TTP) through a security channel; 2, the TTP generates a secret value x according to a secret key k and (AI, user, pw) and sends (user, x) to an application server assigned by the AI; 3, the application server stores (user, x) information of the user and returns successful registration information through the TTP; 4, when login is conducted, a client side sends input (AI, user, pw') to the TTP to conduct calculation and obtain a secret value x' through a security network channel and sends (user, x') to the application server assigned by the AI to conduct authentication; if the authentication is successful, a massage of successful login is returned. The password authentication method for preventing the server-side information from being leaked protects the security of the login password and has high applicability.

Description

technical field [0001] The invention belongs to the field of network technology, and in particular relates to a password authentication method against server-side information leakage. Background technique [0002] With the continuous development of network technology, there are more and more application systems based on network platforms. These systems usually use various identity authentication technologies to ensure the authenticity of the identity of users who log in to the server, thereby ensuring the security of the system and data as well as the legitimate rights and interests of authorized visitors. [0003] At present, identity authentication is mainly realized through one or a combination of the following three basic approaches: identity authentication based on knowledge, identity authentication based on biometric features, and identity authentication based on token devices such as smart cards. Among them, knowledge-based identity authentication is widely used beca...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L29/06
Inventor 朱文涛潘适然杨玲
Owner INST OF INFORMATION ENG CAS