Identity authentication method and system based on EAP-MD5 improved protocol

An identity authentication method and system based on an improved EAP-MD5 protocol, in the field of identity authentication. It addresses the problems of traditional EAP-MD5, such as replay attacks and password cracking, that lead to EAP-MD5 not being recommended. The effects are a reduced probability of brute-force cracking, prevention of replay attacks, and improved security.

Active Publication Date: 2020-11-06
XIAMEN YAXON NETWORKS CO LTD

AI Technical Summary

Problems solved by technology

The traditional EAP-MD5 protocol has several disadvantages, so EAP-MD5 is not recommended in some high-security authentication environments. The major disadvantages are:
[0003] 1. The user key is easily brute-forced with an MD5 dictionary: the requesting party's username and authentication challenge number are always visible in plain text, so the user password is easily recovered by an offline dictionary attack from the MD5 hash value composed of username + password + challenge number.
[0004] 2. It is prone to replay attacks. Even if the MD5 hash value is not cracked, all the data packets of the last authentication can be replayed to the authentication server. Since the server cannot judge the time relationship of the data packets, the authentication process may still be completed.


Examples

Embodiment 1

[0027] Referring to Figure 1, the traditional EAP-MD5 protocol identity authentication process is as follows:

[0028] (1) The client sends an EAPOL_Start message to the access device to start 802.1x authentication access;

[0029] (2) The access device sends an EAP_Request_Identity message to the client, requiring the client to send the user name (i.e. user ID) to the access device;

[0030] (3) The client responds to the access device with an EAP_Response/Identity message that includes the user ID;

[0031] (4) The access device encapsulates the user name from the EAP_Response_Identity message into a RADIUS_Access_Request message and sends it to the authentication server;

[0032] (5) The authentication server judges whether the user name belongs to a registered legal user. If not, access is not allowed; if yes, the authentication server generates a Challenge and the user name ID+1, and returns the Challenge and ID+1 to the access device through the RADIUS_Access_Challenge m...

Embodiment 2

[0055] The present invention also provides an identity authentication system based on the improved EAP-MD5 protocol, including a client, an access device, and an authentication server. The client, the access device, and the authentication server each include a processor, a memory, and a computer program stored in the memory and running on the processor. When the processor executes the computer program, it implements the steps of the method embodiment in Embodiment 1 of the present invention.

Abstract

The invention relates to an identity authentication method and system based on an improved EAP-MD5 protocol. In the identity authentication method, the Challenge and the user name are hashed and the result is XORed with the user password, so that the Challenge is protected rather than transmitted in plaintext. Because a hacker does not know the password, the Challenge value cannot be recovered directly from intercepted data and then used for brute-force or dictionary cracking, which raises the difficulty of brute-forcing the hash. Meanwhile, the password enters the hash value by exclusive OR instead of by plaintext concatenation, which increases the difficulty and complexity of cracking and improves the security of password use, and a timestamp is introduced as the basis for detecting replay in subsequent authentication. With this identity authentication method and system, the probability that the protocol is brute-force cracked is effectively reduced during identity authentication, replay of data packets is effectively prevented, and the security of authentication is improved.
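The replay weakness and the timestamp countermeasure named in the abstract can be shown side by side. This is an added example, not the patent's construction (the page does not give it): `timed_response`, `Verifier`, `MAX_SKEW` and all sample values are hypothetical, and the classic response uses the RFC 1994 ordering of identifier, secret and challenge.

```python
import hashlib
import hmac

MAX_SKEW = 30  # seconds a timestamp may differ from server time (assumed value)


def classic_response(ident: int, password: bytes, challenge: bytes) -> bytes:
    """Traditional EAP-MD5 response value: MD5(identifier || password || challenge)."""
    return hashlib.md5(bytes([ident]) + password + challenge).digest()


def timed_response(ident: int, password: bytes, challenge: bytes, ts: int) -> bytes:
    """Hypothetical variant: the client's timestamp is covered by the hash."""
    return hashlib.md5(bytes([ident]) + password + challenge + ts.to_bytes(8, "big")).digest()


class Verifier:
    """Server-side checks for one user database (constructed for illustration)."""

    def __init__(self, passwords: dict):
        self.passwords = passwords
        self.last_ts = {}  # user -> newest timestamp already accepted

    def check_classic(self, user, ident, challenge, response) -> bool:
        # Nothing here depends on time, so a recorded exchange verifies again.
        expected = classic_response(ident, self.passwords[user], challenge)
        return hmac.compare_digest(expected, response)

    def check_timed(self, user, ident, challenge, ts, response, now) -> str:
        if abs(now - ts) > MAX_SKEW:
            return "stale"            # too old (or too far in the future)
        if ts <= self.last_ts.get(user, -1):
            return "replayed"         # timestamp already used for this user
        expected = timed_response(ident, self.passwords[user], challenge, ts)
        if not hmac.compare_digest(expected, response):
            return "bad-hash"         # wrong password or altered timestamp
        self.last_ts[user] = ts
        return "ok"


def demo() -> dict:
    server = Verifier({"alice": b"constructed-password"})
    ident, challenge, t0 = 7, bytes(range(16)), 1_700_000_000  # constructed values
    old = classic_response(ident, b"constructed-password", challenge)
    new = timed_response(ident, b"constructed-password", challenge, t0)
    return {
        "classic_first": server.check_classic("alice", ident, challenge, old),
        "classic_replay": server.check_classic("alice", ident, challenge, old),
        "timed_first": server.check_timed("alice", ident, challenge, t0, new, t0 + 1),
        "timed_replay": server.check_timed("alice", ident, challenge, t0, new, t0 + 2),
        "timed_late": server.check_timed("alice", ident, challenge, t0, new, t0 + 600),
        "timed_forged_ts": server.check_timed("alice", ident, challenge, t0 + 5, new, t0 + 6),
    }
```

`check_classic` models the weakness as the page states it: the server has no way to order the packets in time, so the recorded exchange is accepted a second time, while the timestamp-bound check rejects the same packets as replayed, stale, or altered.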

Description

Technical field

[0001] The invention relates to the technical field of computer communication, in particular to an identity authentication method and system based on the improved EAP-MD5 protocol.

Background technique

[0002] Extensible Authentication Protocol (EAP) is an authentication framework that supports multiple authentication methods and is used for port-based 802.1X access control. EAP-MD5 is the most basic and the first EAP type used in WLAN, and is widely used in port authentication in wired or wireless networks. However, the traditional EAP-MD5 protocol has several disadvantages, so EAP-MD5 is not recommended in some high-security authentication environments. The major disadvantages are:

[0003] 1. The user key is easily brute-forced with an MD5 dictionary: the requesting party's username and authentication challenge number are always visible in plain text, so the MD5 hash value composed of username + password + challenge number is easily deciph...

Application Information

IPC(8): H04L9/32
CPC: H04L9/3239, H04L9/3226, H04L9/3271
Inventor: 涂岩恺, 叶旭辉
Owner: XIAMEN YAXON NETWORKS CO LTD