期刊文献+

基于动态软键盘和随机码的Web口令安全传输 被引量:1

Security transfer of Web password based on dynamic soft keyboard and random code
下载PDF
导出
摘要 在无线网络中,为防止用户口令被窃取,提出一种Web口令安全传输方法。在Web门户中显示局部动态软键盘,同时加入随机码,通过消息摘要算法(MD5)将用户口令与随机码进行加密,然后发送。实验结果证明:该方法可以防止黑客通过接入点截获用户口令、重放攻击和暴力破解;与已有Web口令安全传输方法相比,计算复杂度低,效率、安全性和可信度高;可以有效防止终端攻击和网络攻击。 In wireless networks, a Web password security transfer method is put forward to prevent user passwords from being stolen. In a Web portal,a local dynamic soft keyboard is showed,and a random code is added, then the user password and random code are encrypted by message digest algorithm(MD5) and sent. Experimental results prove that:the method proposed here can prevent hacker from intercepting user passwords through access points(AP),replay attacks and brute force attacks;compared with the existing Web password security transfer methods, the method proposed here has the advantages of low computation complexity,high efficiency,security and reliability and can prevent terminal attacks and network attacks.
出处 《南京理工大学学报》 EI CAS CSCD 北大核心 2014年第6期745-749,共5页 Journal of Nanjing University of Science and Technology
基金 国家自然科学基金(61272419)
关键词 动态软键盘 随机码 无线网络 用户口令 接入点 重放攻击 暴力破解 终端攻击 网络攻击 dynamic soft keyboard random code wireless networks user passwords access points replay attacks brute force attacks terminal attacks network attacks
  • 相关文献

参考文献10

二级参考文献103

  • 1樊时凯,王敏.SSL通信的中间人攻击与防范[J].信息网络安全,2004(9):57-58. 被引量:4
  • 2[1]The Honeynet Project & Research Alliance.Know your Enemy:Phishing,16th May 2005.
  • 3[2]Gunter Ollmann.the Pharming Guide.NGS Insight Security Research,page3.
  • 4杨帆.USB KEY 体系研究与技术实现[J].武汉大学,2004,(11).
  • 5[5]Trusted Computing Group(TCG).TCG IWG Architecture Part Ⅱ-Integrity Management.2006,11,17.
  • 6[6]Trusted Computing Group(TCG).TCG Specification Architecture Overview[DB/OL].https://www.trustedcomputinggroup.org/specs/IWG/TCG_1_0_Architecture_Overview.pdf,2005,2,12.
  • 7[8]Sailer R,Zhang X J,Jaeger T,et al.Design and Implementation of a TCG-Based Integrity Measurement Architecture[C]//.Computer Science,January 16,2004.
  • 8曹喆.基于USBKey的身份认证机制的研究与实现[D].上海:东华大学计算机科学与技术学院,20lO.
  • 9Chen Y C, Yeh L Y. An efficient nonce-based authentication schemewith key agreement[J]. Applied Mathematics and Computation, 2005, 169 (2) : 982- 994.
  • 10Lamport L. Password authentication with insecure communications[J]. Communications of ACM, 1981, 24(8) : 770-772.

共引文献32

同被引文献14

  • 1Vaidya B, Makrakis D, Mouftah H T. Improved two-factor user authentication in wireless sensor networks. Proceedings of IEEE 6th International Conference on Wireless and Mobile Computing, Networking and Communications(WiMob), Shenzhen, China, 2010:600-606.
  • 2Mnif A, Cheikhrouhou O, Jemaa M B. An ID-based user authentication scheme for wireless sensor networks using ECC. Proceedings of 2011 International Conference on Microelectronics (ICM), Nanjing, China, 2011:1-9.
  • 3Huang X, Dharmendra S, Cui H Y. Fuzzy controlling window for elliptic curve cryptography in wireless sensor networks. Proceedings of the International Conference on Information Networking 2014 (ICOIN2014), Xiamen, China, 2014:312-317.
  • 4Faye Y, Guyennet H, Niang I, et ol. Fast scalar multiplication on elliptic curve cryptography in selected intervals suitable for wireless sensor networks. Lecture Notes in Computer Science, 2013(1):171-182.
  • 5Xue K, Ma C, Hong P, eta/. A temporal-credential-based mutual authentication and key agreement scheme for wireless sensor networks. Journal of Network & Computer App|ications, 2013, 36(1):316-323.
  • 6Pippal R S, Gupta P, Singh R. A novel smart card authentication scheme using image encryption. International Journal of Computer Applications, 2013, 72(9):8-14.
  • 7Wei J H, Liu W F, Hu X X. Cryptanalysis and improvement of a robust smart card authentication scheme for multi-server architecture. Wireless Personal Communications, 2014, 77 (3): 2255 -2269.
  • 8Li X, Niu J W, Kumari S, et ol. An enhancement of a smart card authentication scheme for muhi-server architecture. Wireless Personal Communications, 2015, 80(1):175-192.
  • 9汪定,马春光,翁臣,贾春福.一种适于受限资源环境的远程用户认证方案的分析与改进[J].电子与信息学报,2012,34(10):2520-2526. 被引量:14
  • 10刘云,杨亮,范科峰,王勇,唐仕军.一种改进的动态用户认证协议[J].电子学报,2013,41(1):42-46. 被引量:8

引证文献1

二级引证文献2

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部