Unlock instant, AI-driven research and patent intelligence for your innovation.

Password protection method based on honeyword

A password protection and password technology, applied in the field of database password protection and identity authentication, can solve the problems of user honeyword conflict and weakened attack effect, and achieve the effect of defending against double leakage attacks and cross update attacks, eliminating distribution differences, and reliable security protection.

Active Publication Date: 2021-03-16
NANJING UNIV OF AERONAUTICS & ASTRONAUTICS
View PDF3 Cites 2 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

The present invention can solve the user's honeyword conflict problem in the existing honeyword scheme, eliminate the distribution difference between the honeyword and the password in the existing honeyword scheme, and can also defend against double leakage attacks and cross-update attacks so that the attack effect is weakened, thereby realizing password leakage. Effective detection and early warning to achieve reliable security protection for database passwords

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Password protection method based on honeyword
  • Password protection method based on honeyword
  • Password protection method based on honeyword

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0028] The above solution will be further described below in conjunction with specific embodiments. It should be understood that these examples are used to illustrate the present invention and not to limit the scope of the present invention. Based on the embodiments of the present invention, all other embodiments obtained by persons of ordinary skill in the art without making creative efforts belong to the protection scope of the present invention.

[0029] Usually the honeyword method sets G to 1000 and k to 20. For the convenience of the example, we set the example as follows: the number of a group of false users G=8, and the number of password values ​​in each user's password group k=3. The table below is an example. The specific process is:

[0030] (1) Initialization.

[0031] (1.1) First, we need to generate a set of initialized fake user data. According to the settings, the main server generates 8 fake users, whose user names and passwords are constructed randomly. ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention relates to a password protection method based on honeyword, and belongs to the field of database password protection and identity authentication. The invention provides a novel honeywordpassword protection method in order to solve the problems that an existing honeyword scheme can generate honeyword conflicts and distribution differences of honeywords / passwords, password privacy canbe leaked for double leakage attacks and cross update attacks and the like. According to the method, the password is selected as the Honeyword based on the group, so that the problem of honeyword conflict is solved, the distribution difference between the honeyword and the password is eliminated, dual leakage attacks and cross update attacks are effectively reduced, meanwhile, password leakage can be detected, an alarm is given, and the security of the database password can be effectively protected. The method is suitable for database password protection and identity authentication.

Description

technical field [0001] The invention belongs to the field of database password protection and identity authentication, and in particular relates to a honeyword-based password protection method. Background technique [0002] Passwords are a simple and widely used method of authentication. Because of many advantages such as low cost and easy deployment, the password-based method has always been the most popular authentication method. In a password-based authentication system, the server usually stores each user's password in a hash table. Once the hash file is stolen, due to the low entropy value, there is a high probability of recovering the hidden hash value through brute force search. password in . Although existing methods can increase the cost of brute-force search and resist rainbow table attacks, offline password guessing attacks are still a serious problem. [0003] One approach is to detect password compromise so that the system can take appropriate action in time ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/31G06F21/45
CPCG06F21/31G06F21/45
Inventor 朱友文冯立刚张宗杰
Owner NANJING UNIV OF AERONAUTICS & ASTRONAUTICS