CN1599314A - Two-way verification disposable password verification method based on S/KEY system - Google Patents
Two-way verification disposable password verification method based on S/KEY system Download PDFInfo
- Publication number
- CN1599314A CN1599314A CN 200410046694 CN200410046694A CN1599314A CN 1599314 A CN1599314 A CN 1599314A CN 200410046694 CN200410046694 CN 200410046694 CN 200410046694 A CN200410046694 A CN 200410046694A CN 1599314 A CN1599314 A CN 1599314A
- Authority
- CN
- China
- Prior art keywords
- password
- user
- server
- client
- authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Computer And Data Communications (AREA)
Abstract
This invention discloses a single password authentification method based on the S/KEY system two-way certification including the following steps: A client end delivers a certification request to the server end which sends a challenge to the client end based on the name of the user sent by the client end who computes out the current password according to the user's iterative value, seeds and secretely passed short message to compute the current password and continuous to carry out a Haas operation to it and compares the operation result with the last successful log-in password, if the same, the authentication to the server is passed and the current password is sent to the server which again carries out a Haas operation and compares it with the last successful log-in cipher, if the same, the certification to the customer end is passed to keep the current password.
Description
Technical field
The present invention relates to a kind of network authentication method, particularly a kind of one-time password verification method based on the authentication of S/KEY system bidirectional.
Background technology
Authentication is the primary link in the network information security system, is the basis of ecommerce and E-Government.The method of network ID authentication has a lot, the most frequently used a kind of be that user account number and password are combined, with account number identification " who are you ", use password authentification " whom you are really " more earlier.This identity identifying method is simple to operate, but dangerous, and account number and password are stolen easily.Safer identity identifying method is the dynamic cipher authentication method that adopts " one-time pad " password technology at present.The S/KEY system is exactly a kind of dynamic cipher authentication system of " one-time pad " password technology commonly used.In the S/KEY system, S represents secret pass phrases; C represents seed, and during initialization, server generates a seed for each user; N represents maximum sequence number or initial sequence number; In the i one-period (by N to 0), the i time authentification of user; F is standard one-way function (MD4, MD5 or SHA), F
NExpression operation F function N time; I is a user name, is a character string; P
iBe the i time used password of login of user.
The SKEY system is a kind of evaluator, depends on the fail safe of one-way function.So-called safe one-way function be meant to calculate forward to be easy to, and reverse calculating is difficult to.In such system, the user need remember a secret pass phrases S, sentence normally, and during initialization, server generates a seed C for each user, and the user imports S and initial sequence number N, and server calculates:
P
0=P
N(C+S);
P
0=F
N(C+S);
Then the password of user's login next time is
P
1=F
N-1(C+S);
By that analogy, the password of the i time user's login is
P
i=F
N-i(C+S);
Concrete authentication process is as follows:
Server end remains with a table, and every record comprises: user name I, seed G, current sequence number N-i, success last time login password P
I-1
During the i time login of user, server sends a challenge: comprise current sequence number N-i, seed G:
Client has an OTP password calculator (can be the local software calculator or the hardware calculator of a safety), list entries N-i, and behind seed C and the secret pass phrases S, calculator is done following calculating:
P
i=F
N-i(C+S);
Client is with P then
iSend back to server as replying, server end is done following calculating:
P′
i-1=F(P
i);
Compare P '
I-1With the P that is stored in this locality
I-1Identical then checking is passed through.
In the S/KEY one-time password, communicating pair does not all keep password and generates the full detail of password, and whole communication process all is safe, and any eavesdropping Replay Attack can not work, and has higher fail safe.But there is inborn defective in the S/KEY system on unsafe channel, can not avoid decimal to attack.When a sends when request to b, possible c can pretend to be b to challenge to a, and the seed of this challenge was obtained by former monitoring network, and sequence number needs only littler than actual value, just can obtain the P that calculates that a client does not add discriminating
j, then c can obtain from P
iTo P
jBetween all passwords, success attack.
Summary of the invention
Technical problem to be solved by this invention is the leak that exists decimal to attack in the existing S/KEY system identity verification process, and a kind of one-time password verification method based on the authentication of S/KEY system bidirectional is provided.
The technical scheme that the present invention solves the problems of the technologies described above may further comprise the steps:
The user end to server end sends authentication request, sends user name;
Server end sends challenge according to the user name that client sends to client, comprises the seed of current iteration value, this user's correspondence, and the password successfully logined of last user;
Client calculates current password according to user's iterative value, seed and secret pass phrases, and to Hash operation of current password continuation work, the success last time entry password that operation result and server end are brought compares, identical then by checking to server, then current password is mail to server;
After server is received current password, carry out Hash operation equally again one time, and the password of successfully logining with last user is relatively, identical then by authentication to client, preserve current password.
Advantage of the present invention: 1) in the one-time password authentication method of the present invention, communicating pair does not all keep password and generates the full detail of password, and whole communication process all is safe, and any eavesdropping Replay Attack can not work, and has higher fail safe.2) in the client increase server is authenticated in the one-time password authentication method of the present invention, malicious attacker is not because have the correct password of last login and correct iterative value like this, can not be by the authentication of client, attack problem thereby solved the decimal that existing S/KEY system exists.
Description of drawings
The flow chart of client certificate among Fig. 1 the present invention.
Fig. 2 is the flow chart of server-side certificate among the present invention.
Fig. 3 is for improving the flow chart of back S/KEY system bidirectional authentication.
Fig. 4 attacks flow chart for the decimal of existing S/KEY system bidirectional authentication.
Embodiment
Referring to Fig. 1, Fig. 2, a kind of one-time password verification method based on the authentication of S/KEY system bidirectional may further comprise the steps:
(1) the client generator sends following information to server:
User identity I;
(2) challenge of server response:
Sequence number N, seed C, success last time entry password P
I-1
In this step, service end will be stored in the password that last time of user ID correspondence in the local data base, this user successfully logined and send out.
(3) client OTP password calculator behind seed C and the secret pass phrases S, generates one-time password according to the sequence number N-i of input, and it is calculated as follows:
P
i=F
N-i(C+S);
(4) after client is preserved the one-time password that generates, remake Hash operation one time:
P′
i-1=F(P
i);
The success last time entry password of bringing with server then relatively if come to the same thing, thinks that then sequence number is errorless, takes out the one-time password after preserving, and as replying, sends to server.If difference thinks that then sequence number wrong (decimal attack), system prompt user exist decimal to attack as a result.
(5) server is confirmed the password of generator response, and server is carried out a Hash calculation, if the password match of result and preservation is then differentiated success, preserves new password.
When the sequence number of password reduces to 1, will reinitialize sequence number, except nation method, also can adopt remote method, generator sends to service end:
<password 1〉<new argument〉<password 2 〉
The network service is moved towards to distribute unavoidably by concentrating, situation for multiserver, what the Rubin of Bell Laboratory adopted in a kind of independent one-time password that proposed in 1996 is the method for having allocated the entry password quantity of every station server in advance, situation about logining on a station server as a user is more and when causing password to use up, just be necessary for this user and reinitialize password, this can cause a waste interval of password (just run out) of password, and the distribution of key is not so simple in the independent one-time password.In the present invention, can adopt different seed C to each server, and user's pass phrases S can be identical, like this, for the user, do not need understanding to sign in on any station server, he can be according to sequence number, seed and the own pass phrases of remembering are correct calculates one-time password, and the password sequence between each server is fully independently.
The S/KEY system just can not manage user validation after user's login is finished, and the disabled user can rob into connection (hijackedconnection) invasive system after the correct login of validated user connects.In this agreement, after validated user login was finished, service end can regular challenging to client, and client must be made challenge and being replied, otherwise will cut off this user's existing connection.The challenge that service end sends to client and client reply and need set up one in addition and be connected, and do not influence the client of former connection and the proper communication of server, are transparent for the user.User's one-time password sequence of bringing thus uses too fast problem to adopt big sequence number N to solve can be by initialization the time.
For fear of passive attack (passive attack), when each user logins, can only set up a connection.So just can prevent to start many to connect the follow-up password of conjecture after other users from listening to the part password.
Below illustrate the application of the present invention in mobile-payment system.Supposing that the user has registered finishes, and is the authentication process below:
1, the client sends the user name I of oneself to authentication server by SMS;
2, authentication server is sought this user's information in database, has user name I in the database, the password P of user's last login
I-1And current iteration value N, if can not find out then denial of service, find then and send seed C and current iteration value N-i, the password P of user's last login to client's mobile phone
I-1
3, the password calculator that has in client (mobile phone itself or special calculator) is at list entries N-i, and behind seed C and the secret pass phrases S, calculator is done following calculating:
P
i=F
N-i(C+S);
P′
i-1=F(P
i);
Compare P '
I-1, P
I-1, inequality then think mistake has appearred, or attack is arranged, notify the user, carry out respective handling; If identical, client is by the authentication to service end, and client is with P
iSend back to server as replying;
4, server end is done following calculating equally:
P′
i-1=F(P
i);
Compare P '
I-1With the P that is stored in this locality
I-1Identical then checking is passed through, and upgrades P
I-1Be P
i, by the authentication to client, proof procedure finishes.
Claims (3)
1, a kind of one-time password verification method based on the authentication of S/KEY system bidirectional may further comprise the steps:
The user end to server end sends authentication request;
Server end sends challenge according to the user name that client sends to client, comprises the seed of current iteration value, this user's correspondence, and the password successfully logined of last user;
Client calculates current password according to user's iterative value, seed and secret pass phrases, and to Hash operation of current password continuation work, the success last time entry password that operation result and server end are brought compares, identical then by checking to server, then current password is mail to server;
After server is received current password, carry out Hash operation equally again one time, and the password of successfully logining with last user is relatively, identical then by authentication to client, preserve current password.
2, a kind of one-time password verification method according to claim 1 based on the authentication of S/KEY system bidirectional, it is characterized in that: when the multiserver debarkation authentication, each server adopts different seeds, and user's pass phrases is identical, and the password sequence between each server is fully independently.
3, a kind of one-time password verification method according to claim 1 based on the authentication of S/KEY system bidirectional, it is characterized in that: after the validated user login is finished, regular the challenging of server end meeting to client, and client must make challenge and replying, otherwise will cut off this user's existing connection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410046694 CN1599314A (en) | 2004-08-25 | 2004-08-25 | Two-way verification disposable password verification method based on S/KEY system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 200410046694 CN1599314A (en) | 2004-08-25 | 2004-08-25 | Two-way verification disposable password verification method based on S/KEY system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN1599314A true CN1599314A (en) | 2005-03-23 |
Family
ID=34665669
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 200410046694 Pending CN1599314A (en) | 2004-08-25 | 2004-08-25 | Two-way verification disposable password verification method based on S/KEY system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1599314A (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2008009183A1 (en) * | 2006-07-13 | 2008-01-24 | Shanghai Jiaotong University | Password remotely authentication method based on the intelligent card and an intelligent card, a server and system thereof |
| CN100365641C (en) * | 2006-04-11 | 2008-01-30 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
| CN101291468B (en) * | 2008-06-06 | 2011-08-24 | 中兴通讯股份有限公司 | Pre-payment service controlling device, value adding device, value adding management method and system |
| CN101431415B (en) * | 2008-12-12 | 2011-12-21 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
| CN102299930A (en) * | 2011-09-19 | 2011-12-28 | 北京无限新锐网络科技有限公司 | Method for ensuring security of client software |
| CN101557400B (en) * | 2009-05-13 | 2012-02-22 | 厦门吉比特网络技术股份有限公司 | Method for realizing anti-external hanging of online game |
| CN101350719B (en) * | 2007-07-18 | 2012-08-22 | 康佳集团股份有限公司 | Novel identification authentication method |
| CN101577697B (en) * | 2008-05-07 | 2012-09-05 | 深圳市络道科技有限公司 | Authentication method and authentication system for enforced bidirectional dynamic password |
| CN101453458B (en) * | 2007-12-06 | 2013-07-10 | 北京唐桓科技发展有限公司 | Personal identification process for dynamic cipher password bidirectional authentication based on multiple variables |
| CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
| CN104243158A (en) * | 2013-06-13 | 2014-12-24 | 松下电器产业株式会社 | Authentication method, communication system, device and server |
| CN105141428A (en) * | 2015-08-19 | 2015-12-09 | 深圳密无痕智能科技有限公司 | System and method for authentication and identification based on fuzzy fault and one-time password |
| CN112311794A (en) * | 2020-10-30 | 2021-02-02 | 中电万维信息技术有限责任公司 | Bidirectional identity authentication method based on MFA algorithm |
-
2004
- 2004-08-25 CN CN 200410046694 patent/CN1599314A/en active Pending
Cited By (14)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100365641C (en) * | 2006-04-11 | 2008-01-30 | 北京飞天诚信科技有限公司 | Method for protecting computer login using disposable password |
| WO2008009183A1 (en) * | 2006-07-13 | 2008-01-24 | Shanghai Jiaotong University | Password remotely authentication method based on the intelligent card and an intelligent card, a server and system thereof |
| CN101350719B (en) * | 2007-07-18 | 2012-08-22 | 康佳集团股份有限公司 | Novel identification authentication method |
| CN101453458B (en) * | 2007-12-06 | 2013-07-10 | 北京唐桓科技发展有限公司 | Personal identification process for dynamic cipher password bidirectional authentication based on multiple variables |
| CN101577697B (en) * | 2008-05-07 | 2012-09-05 | 深圳市络道科技有限公司 | Authentication method and authentication system for enforced bidirectional dynamic password |
| CN101291468B (en) * | 2008-06-06 | 2011-08-24 | 中兴通讯股份有限公司 | Pre-payment service controlling device, value adding device, value adding management method and system |
| CN101431415B (en) * | 2008-12-12 | 2011-12-21 | 天柏宽带网络科技(北京)有限公司 | Bidirectional authentication method |
| CN101557400B (en) * | 2009-05-13 | 2012-02-22 | 厦门吉比特网络技术股份有限公司 | Method for realizing anti-external hanging of online game |
| CN102299930A (en) * | 2011-09-19 | 2011-12-28 | 北京无限新锐网络科技有限公司 | Method for ensuring security of client software |
| CN102299930B (en) * | 2011-09-19 | 2014-09-10 | 北京无限新锐网络科技有限公司 | Method for ensuring security of client software |
| CN104243158A (en) * | 2013-06-13 | 2014-12-24 | 松下电器产业株式会社 | Authentication method, communication system, device and server |
| CN103747013A (en) * | 2014-01-24 | 2014-04-23 | 沈文策 | Cloud terminal login verification method and device |
| CN105141428A (en) * | 2015-08-19 | 2015-12-09 | 深圳密无痕智能科技有限公司 | System and method for authentication and identification based on fuzzy fault and one-time password |
| CN112311794A (en) * | 2020-10-30 | 2021-02-02 | 中电万维信息技术有限责任公司 | Bidirectional identity authentication method based on MFA algorithm |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10530582B2 (en) | Method and device for information system access authentication | |
| CN105516195B (en) | A kind of security certification system and its authentication method based on application platform login | |
| CN111294352B (en) | Data security authentication method between cloud and edge node | |
| CN1212716C (en) | Method of sharing subscriber confirming information in different application systems of internet | |
| US8533806B2 (en) | Method for authenticating a trusted platform based on the tri-element peer authentication(TEPA) | |
| CN111027036B (en) | Identity association method based on block chain | |
| CN101051908A (en) | Dynamic cipher certifying system and method | |
| CN106921663B (en) | Identity continuous authentication system and method based on intelligent terminal software/intelligent terminal | |
| CN108347428B (en) | Registration system, method and device of application program based on block chain | |
| CN1832401A (en) | Method for protecting safety of account number cipher | |
| CN1599314A (en) | Two-way verification disposable password verification method based on S/KEY system | |
| CN102868702B (en) | System login device and system login method | |
| CN109347887B (en) | Identity authentication method and device | |
| CN102143131B (en) | User logout method and authentication server | |
| CN115842680B (en) | Network identity authentication management method and system | |
| CN112383401B (en) | User name generation method and system for providing identity authentication service | |
| CN106453321A (en) | Authentication server, system and method, and to-be-authenticated terminal | |
| CN101155033B (en) | Method for confirming client identity | |
| CN104734856A (en) | Password authentication method for preventing server-side information from being leaked | |
| CN114430324A (en) | On-line quick identity authentication method based on Hash chain | |
| CN104918245B (en) | A kind of identity identifying method, device, server and client | |
| CN105577606B (en) | A kind of method and apparatus for realizing authenticator registration | |
| CN107104792B (en) | Portable mobile password management system and management method thereof | |
| CN111131140B (en) | Method and system for enhancing login security of Windows operating system based on message pushing | |
| CN101051910A (en) | Method and device for certifying authorized charging server to identify customer end software |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |