Dynamic password based authentication identifying method

A dynamic password and identity authentication technology, which is applied in the field of security authentication of legal identity of the client, can solve problems such as inability to log in online, increase additional overhead, and dictionary attacks, and achieve the effects of easy programming, avoiding additional overhead, and ensuring reliability

Inactive Publication Date: 2002-12-18
范平志 +1
View PDF0 Cites 12 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] But this method has two obvious defects: (1) if once the user password file that keeps in the server is lost, then the passwords of all users in the system may be embezzled by others, thereby making the whole system all insecure; (2) An illegal third party can intercept the user's password through the network during the password transmission process. Regardless of whether the password is encrypted or not, the illegal intruder can use the intercepted password to pretend to be a legitimate user to deceive the trust of the server and log in to the system. This is The so-called retransmission attack in cryptography
In other words, this method can solve problem 1 above, but still cannot solve problem 2
However, these methods all use storage media similar to IC cards, and have the following potential safety hazards and deficiencies: (1) there is the possibility of dictionary attacks
For ease of memory, user passwords generally only have 4-8 characters, and illegal third parties can intercept user password information transmitted online and perform dictionary traversal searches, thereby making dictionary attacks possible; Storage media such as IC cards will inevitably increase additional expenses; (3) no matter where the user goes in the world, he must bring a storage device similar to the IC card, otherwise he cannot log in online, which brings problems to the user. many inconveniences

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Dynamic password based authentication identifying method
  • Dynamic password based authentication identifying method
  • Dynamic password based authentication identifying method

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0068] The present invention mainly uses a random number generating function and a secure one-way hash function. For security reasons, it is recommended to select the MD5 algorithm or the SHA algorithm to complete the hash operation.

[0069] The following example illustrates an application of the present invention in electronic mail. Assuming that the user has already registered, the following is the authentication process: Authentication process

[0070] 1. The user sends the ID card ID and the service request for receiving e-mail to the mail server.

[0071] 2. The mail server searches the user password verification factor V in the system password file by the user ID n and the user's previous generated

[0072] The random number N n , if not found, the service will be refused; after being found, the server chooses a random number M n , calculate H n1 =

[0073] m n V n , that is, through the user's password verification factor, M n mask, and then the data H...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

This invention discloses a client authentication identifying method based on dynamic password which can the used in remote network register, data base access, electronic commercial service and electronic mails with the following characters: 1. not using the memory medium like IC card to avoid adding the extra cost to the clients. 2. capable of resisting the attacks from the media, intermediate person and dictionaries with security. 3. the scheme is simple, and easy for programming.

Description

technical field [0001] The invention relates to a method for security identification of a legal identity of a client based on a client / server mode in network communication. Background of the invention [0002] With the rapid development of Internet applications, especially e-commerce, the identification of network users becomes more and more important. At present, many identification methods have appeared, but the most popular and effective one is the identification method based on passwords. [0003] At present, the most commonly used method of a password-based identity authentication system is: the user registers his user name and password on the server side, and then the server keeps the user name and password in a password file. When the user logs in for identification, the user enters the user name and password and sends them to the server; the server compares the received information with the user name and password registered by the user; if the two are the same, the ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F7/58
Inventor 袁丁范平志
Owner 范平志
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap