Tutorial: Efficient and secure password-based authentication protocols against guessing attacks
Computer Communications
Applying authorization to intranets: architectures, issues and APIs
Computer Communications
AWGN based seed for random noise generator in ParseKey+
Proceedings of the 2nd international conference on Security of information and networks
| Hi-index | 0.00 |
With the development of computer network, its security problem has been urgent at present. Authentication is an important part in the network security. It can prevent illegal user from accessing network. Traditional authentication method is password. But it cannot resist dictionary and playback attack. This paper makes a profound study on the principle of One-Time Password. This mode doesn't need a third party and it is a practical and secure solution. But there are many deficiencies in OTP system. The fatal one is that it only supports the server to authenticate the user, but not supports the user to authenticate the server. So it cannot prevent a feigned server from deceiving the user. A new authentication method which integrates the advantages of the Kerberos protocol and OTP system is presented in this paper. OTP/Kerberos makes the user and the server to authenticate each other and it can prevent crasher from small number attack and playback attack. In the end, OTP/Kerberos system is implemented and applied in a MIS of national security bureau in one city. Its feasibility and security are verified.