摘要
当前身份认证系统口令设计过程复杂,不仅容易出现认证错误的现象,而且大大增加了计算复杂度,影响整体性能。为此,提出一种新的云环境下基于PKI的一次性口令身份认证系统。给出设计系统总体结构,其主要由CA证书服务模块、RA注册模块、认证模块与用户模块构成。身份认证选用用户数字证书与一次性口令相结合的形式,对用户名与一次性口令进行验证时,通过用户名得到其数字证书,利用"挑战-应答"协议判断用户是否合法。介绍了一次性口令生成技术,给出公开大素数与保密大素数的确定过程。实验结果表明,采用所设计系统对云环境下用户进行身份认证,不仅认证精度高,而且整体性能强。
The current password authentication system design process is complex,not only prone to the phenomenon of authentication errors,but also greatly increase the computational complexity,affecting the overall performance.To this end,a new cloud environment one-time password authentication system based on PKI was proposed,and the general structure design system was given,which is mainly composed of a CA RA certificate service module,registration module,authentication module and user module.The user authentication digital certificate and one-time password combination form,to verify the username and password,the digital certificate by name,using the "challenge response"agreement to determine whether the user is legitimate.The technique of one-time password generation was introduced,and the process of determining the large prime number were given.The experimental results show that the design of the system in the cloud environment for user authentication,not only high precision,and the overall performance is strong.
出处
《科学技术与工程》
北大核心
2017年第32期143-147,共5页
Science Technology and Engineering
基金
贵州省科学技术基金(黔科合LH字[2014]7215号)资助
关键词
云环境
PKI
一次性口令
身份认证
系统
cloud environment
PKI
one time password
identity authentication
system
