电信科学 ›› 2014, Vol. 30 ›› Issue (9): 87-91.doi: 10.3969/j.issn.1000-0801.2014.09.012

• 研究与开发 • 上一篇    下一篇

基于手机令牌的移动应用双向身份认证方案研究

郑兆华,彭金莲,程杰仁   

  1. 海南大学信息科学技术学院 海口570228
  • 出版日期:2014-09-20 发布日期:2017-07-05
  • 基金资助:
    国家自然科学基金资助项目;海南大学青年基金资助项目;海南大学应用科技学院项目

Researcb on Application Bidirectional Identity Autbentication Scbeme Based on Mobile Pbone Token

Zhaohua Zheng,Jinlian Peng,Jieren Cheng   

  1. College of Information Science and Technology, Hainan University, Haikou 570228, China
  • Online:2014-09-20 Published:2017-07-05

摘要:

随着移动信息化的发展,移动应用的安全问题已成为用户关注的焦点。身份认证存在多种解决方案,其中动态口令技术是目前身份认证问题的最有效解决方案。在分析目前动态口令存在缺陷的基础上,提出了一种改进的基于手机令牌的挑战/应答动态口令身份认证方案,它以指纹作为令牌使用凭证,能双向可信认证,并以分段双通道方式进行加密通信。此外,对新方案进行了安全性分析。分析结果表明该方案具有安全性高、使用简便、成本低的特点,完全满足移动应用通信中安全级别较高的身份认证要求。

关键词: 动态口令, 手机令牌, 身份认证, 安全, 移动信息化, 挑战/应答

Abstract:

With the development of mobile information, security problems of mobile applications had become the focus of attention of the user. Authentication has many solutions. The dynamic password authentication technology is currently the most effective solution. After analyzing the current dynamic password shortcomings, a dynamic password authentication scheme based on improved mobile phone token to challenge / response was proposed. It uses fingerprint as the evidence of token, and can be two-way authentication, and has segment of double channel encryption communication. In addition, the security was analyzed. Analysis results show that the scheme is convenient to use and has high security and low cost. The scheme fully meets the higher security level of identity authentication on application requirements in mobile communication.

Key words: dynamic password, mobile phone token, identity authentication, security, mobile informatization, challenge/response

No Suggested Reading articles found!