###

DOI:

计算机系统应用英文版:2015,24(9):272-275

View/Add Comment 过刊浏览高级检索 HTML

←前一篇 | 后一篇→

码上扫一扫！

下载全文

基于TOTP的Web改进认证

赵建勋

(西安文理学院数学与计算机工程学院, 西安 710065)

Improved Web Authentication Based on TOTP

ZHAO Jian-Xun

(School of Mathematics and Computer Engineering, Xi'an University, Xi'an 710065, China)

摘要

图/表

参考文献

相似文献

本文已被：浏览 1452次下载 2412次
Received:January 15, 2015 Revised:March 04, 2015

中文摘要: 为了提高TOTP协议应用在Web认证中的安全性, 依照HOTP认证三原则改进了基于TOTP的认证设计. 改进后的认证系统在一个时间窗口内增加了一个认证次数阈值和时间戳用来更好的抗蛮力攻击和重放攻击, 增加随机数和MD5哈希算法轻量化地抵抗中间人攻击. 最后用PHP语言设计了一个安全、实用的Web认证系统.

中文关键词: HOTP TOTP 一次性口令 Web认证攻击

Abstract:The paper makes an improved authentication method order by Three-Protocol of HOTP authentication method based on TOTP. The authentication method uses an authentication number threshold and a timestamp to resist brute force attacks and replay attacks, uses a random number and the MD5 encryption resist Man-in-the-Middle attack. Finally, a safe and useful Web authentication protocol is designed by PHP.

keywords: HOTP TOTP One-time-password Web authentication attacks

文章编号： 中图分类号： 文献标志码：

基金项目:

Author Name	Affiliation
ZHAO Jian-Xun	School of Mathematics and Computer Engineering, Xi'an University, Xi'an 710065, China

Author Name	Affiliation
ZHAO Jian-Xun	School of Mathematics and Computer Engineering, Xi'an University, Xi'an 710065, China

引用文本：
赵建勋.基于TOTP的Web改进认证.计算机系统应用,2015,24(9):272-275
ZHAO Jian-Xun.Improved Web Authentication Based on TOTP.COMPUTER SYSTEMS APPLICATIONS,2015,24(9):272-275