基于手机令牌的移动应用双向身份认证方案研究

doi:10.3969/j.issn.1000-0801.2014.09.012

Abstract

Abstract:

With the development of mobile information, security problems of mobile applications had become the focus of attention of the user. Authentication has many solutions. The dynamic password authentication technology is currently the most effective solution. After analyzing the current dynamic password shortcomings, a dynamic password authentication scheme based on improved mobile phone token to challenge ／ response was proposed. It uses fingerprint as the evidence of token, and can be two-way authentication, and has segment of double channel encryption communication. In addition, the security was analyzed. Analysis results show that the scheme is convenient to use and has high security and low cost. The scheme fully meets the higher security level of identity authentication on application requirements in mobile communication.

Key words: dynamic password, mobile phone token, identity authentication, security, mobile informatization, challenge／response

Zhaohua Zheng,Jinlian Peng,Jieren Cheng. Researcb on Application Bidirectional Identity Autbentication Scbeme Based on Mobile Pbone Token[J]. Telecommunications Science, 2014, 30(9): 87-91.

Figures/Tables 5

References 9

1	郑强 , 高能 , 张令臣 . 基于SM3算法的动态口令卡的设计与实现. 计算机应用与软件 2013,30(2): 14～17
2	张利华 , 章丽萍 , 张有光 , 等. 基于口令的远程身份认证及密钥协商协议. 计算机应用 2009,29(4): 924～927
3	林元明 . 基于手机令牌的身份认证系统的研究与实现. 厦门大学硕士学位论文 2009
4	韦广剑 . 基于Android 令牌的动态密码认证系统的研究与实现. 武汉理工大学硕士学位论文 2012
5	郭建昌 , 郭茂文 , 黎艳 . 一种电信级手机令牌动态口令系统的架构设计及其实现. 电信科学 2012,28(10): 94～98
6	叶晰 , 叶依如 , 岑琴 . 基于手机令牌的动态口令身份认证系统的实现. 计算机系统应用 2010,19(10): 32～36
7	刘超凡 , 张永良 , 肖刚 , 等. 基于滚动指纹数字签名的电子商务安全认证. 计算机应用 2012,32(2): 475～479
8	赵新杰 , 王韬 , 郭世泽 , 等. AES 访问驱动Cache 计时攻击. 软件学报 2011,22(3): 572～591
9	闫茂德 , 纪志强 , 贺昱曜 , 等. AES 与 ECC 混合加密算法的无线数据通信系统设计. 微电子学与计算机 2007,24(7): 135～138

Metrics

Recommended 0

No Suggested Reading articles found!

符号	说明
U	用户
MT	手机令牌
AS	认证服务器。拥有加密算法ECC私钥
R	不重复随机数
TPK	临时通信用的AES密钥
HFC	硬件特征码
FFC	指纹特征码
RK	根密钥，是MT和AS共有AES密钥
Fn（R）	对随机函数进行特殊散列处理，算法保密
GC（S）	将长度为20的字符串S进行分组，高低位组合和异或运算后，生成8位动态口令
SHA1（S）	对字符串S进行SHA1摘要处理
SGPB（S）	先对S进行SHA1摘要处理，然后用AS的ECC公钥对摘要数字签名
SGPR（S）	先对S进行SHA1摘要处理，然后用AS的ECC私钥对摘要数字签名

实验设备	OS	CPU	RAM
NoteⅡPC	Android 4.1 Windows7 x64	1.6 GB 4核2.5 GB 4核	2 GB 4 GB

[1]	Shengli ZHOU, Keyi JIANG, Bo XU, Rui XU, Xikang ZHANG, Quanzhe ZHAO, Yangdong XU. Research on the effectiveness evaluation of cyber security curriculum construction for combating telecom network fraud [J]. Telecommunications Science, 2023, 39(6): 122-128.
[2]	Le ZHANG, Hongyuan MA. Practice on edge cloud security of telecom operators [J]. Telecommunications Science, 2023, 39(4): 165-172.
[3]	Fuyuan CHEN, Zhenjiang DONG, Jiankuo DONG, Minjie XU. A survey of V2X security protection technologies [J]. Telecommunications Science, 2023, 39(3): 1-15.
[4]	Jingjie SHEN, Guangqiu LI, Yancui LUO, Huizhi LIU. Physical layer security of full-duplex relay-assisted D2D networks under outdated CSI [J]. Telecommunications Science, 2023, 39(3): 89-99.
[5]	Yu KANG, Yaqiong LIU, Tongyu ZHAO, Guochu SHOU. A survey on AI algorithms applied in communication and computation in Internet of vehicles [J]. Telecommunications Science, 2023, 39(1): 1-19.
[6]	Jianwu ZHANG, Yanjun AN, Huangyan DENG. A survey on DNS attack detection and security protection [J]. Telecommunications Science, 2022, 38(9): 1-17.
[7]	Yusun FU, Jinhui TANG. A survey on 5G capabilities enabling the factories of the future [J]. Telecommunications Science, 2022, 38(9): 18-35.
[8]	Yifan DING, Guangqiu LI, Hui LI. Physical layer security of NOMA-D2D cooperative wireless system [J]. Telecommunications Science, 2022, 38(9): 83-94.
[9]	Weixiong CHEN, Xiaochen YANG, Zengjun CHUN, Ruolan LI, Hua ZHANG. Research and practice of network security threat intelligence management system for power enterprise [J]. Telecommunications Science, 2022, 38(7): 184-189.
[10]	Hongbin LUO, Shan ZHANG, Zhiyuan WANG. Interconnection and coexistence of heterogeneous network:requirements, challenges, and architecture [J]. Telecommunications Science, 2022, 38(6): 18-30.
[11]	Yifan DING, Guangqiu LI, Hui LI. Physical layer security for SWIPT-NOMA system in presence of randomly located eavesdroppers [J]. Telecommunications Science, 2022, 38(3): 133-142.
[12]	Shimulin XIE, Ijie BA, Xiang ZHANG, Zeyi TANG, Weifan NIAN, Xujie LIU. Task security scheduling method for 5G+MEC based grid edge computing platform [J]. Telecommunications Science, 2022, 38(12): 78-85.
[13]	Yatian LIU, Bowen HU, Maofei CHEN, Dongxin LIU. Study on the 5GC security situational awareness system [J]. Telecommunications Science, 2022, 38(11): 73-85.
[14]	Yunyi LIU, Jianmin ZHANG, Xiaoli FENG, Liwei ZHANG. 5G MEC system security capability deployment scheme [J]. Telecommunications Science, 2022, 38(11): 143-152.
[15]	Jianfeng CHEN, Miao CUI, Guangchi ZHANG, Qingqing WU, Hui ZENG. Secure communication optimization for double-IRS assisted SWIPT system [J]. Telecommunications Science, 2022, 38(1): 47-60.

Researcb on Application Bidirectional Identity Autbentication Scbeme Based on Mobile Pbone Token

RichHTML

PDF下载

Knowledge

Abstract

Cite this article

share this article

Figures/Tables 5

References 9

Related Articles 15

Metrics

Recommended 0