A dynamic password authentication method against man-in-the-middle attacks

A technology of dynamic password and authentication method, applied in the field of information security, can solve the problems of unable to achieve two-way authentication, unable to resist password guessing attacks or man-in-the-middle attacks, and achieve the effect of solving fake server attacks, improving authentication efficiency, and resisting brute force attacks.
CN112235105BActive Publication Date: 2022-07-29NANJING UNIV OF POSTS & TELECOMM
3 Cites 0 Cited by

Patent Information

Authority / Receiving Office
CN Β· China
Patent Type
Patents(China)
Current Assignee / Owner
NANJING UNIV OF POSTS & TELECOMM
Publication Date
2022-07-29

Smart Images

  • Figure 1
    Figure 1
  • Figure 2
    Figure 2
  • Figure 3
    Figure 3
Patent Text Reader

Abstract

The invention discloses a dynamic password authentication method against man-in-the-middle attack, which mainly includes a registration phase and a login phase. The design of the invention is based on the difficult problem of RSA, and can effectively resist man-in-the-middle attacks and offline password guessing attacks. Compared with the existing password The authentication scheme of the present invention: in the authentication process, the number of times of encryption and decryption operations performed by the user and the server is reduced, and the authentication efficiency is improved; The process is more secure; it can effectively resist brute force attacks and man-in-the-middle attacks on passwords, and at the same time, two-way authentication is added to solve the problem of fake server attacks.
Need to check novelty before this filing date? Find Prior Art

Description

technical field

[0001] The invention relates to the field of information security, in particular to a dynamic password authentication method against man-in-the-middle attacks. Background technique

[0002] Since the advent of password authentication technology, it has been widely used in all aspects of our life due to its convenience and relative security. From the login of the website account to the convenient mobile payment, the password can be seen anytime, anywhere. But with the widespread use of authentication technology, it also brings a series of hidden dangers. Due to the limited key space of the password itself, it is vulnerable to online or offline guessing attacks and man-in-the-middle attacks.

[0003] One way to solve these security risks is to use one-time password technology, also known as dynamic password technology. The classic dynamic password technology such as S / KEY has the problem of limited number of logins, and the subsequent design of SAS and its u...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More