Research On Password Security Mechanisms Based On Graph Theory

With the vigorous development of a new generation of information technology represented by 5G,cloud computing,Internet of things,mobile Internet,big data,and artificial intelligence,a variety of network services have emerged.People can realize more and more personal needs by using various functions provided by network services.Network services have penetrated all aspects of people’s life.While providing convenience to people,network services also bring the risk of personal privacy information disclosure.In the process of using network services,various types of personal authentication information need to be submitted.Due to the lack of standards for collecting and storing authentication information,personal information is facing serious security problems.On the one hand,personal information is over-collected and spread in the same network service;on the other hand,different network services need to submit different types of authentication information.This leads to the exposure of personal information in different dimensions to the network environment.This authentication information contains a lot of personal privacy.If it cannot be properly preserved,it will have a serious impact on personal normal life.To solve the problem of personal information leakage,study the security protection mechanism of collecting,transmitting,storing,and sharing personal information,and realize the whole life cycle supervision of personal information.In the authentication process,the username and password is the most widely used information.However,due to the influence of personal habits and consciousness,users tend to choose passwords that are easy to remember.Among these passwords,weak passwords account for a large proportion,which virtually reduces the security intensity of passwords,and poses a serious threat to the password-based identity authentication mechanism.The security of passwords has become the core of protection for the authentication process.At present,many password protection schemes have been proposed,but some schemes of them have security defects in practice.A series of security incidents also show that the timely detection of password file leakage is more important than the protection after security incidents.Therefore,we need to explore new ideas for password security protection.As the most feasible scheme in password protection research,password leakage detection technology has become the focus of relevant research.Based on the theories of number theory,graph theory,and algebra theory,this paper investigates the calculation of the clique number of zero-divisor graphs and studies the properties of perfect zero-divisor satisfying the congruence relationship.Based on solving the relevant problems in graph theory,we design the scheme of password leakage detection from the perspective of graph theory.The security analysis shows that the scheme proposed in this paper has obvious advantages.The main achievements and innovations are as follows:(1)Aiming at the calculation of clique number in the zero-divisor graph over the ring,a constructive method for calculating clique number is proposed based on the Prime Number Theorem.The calculation of clique number in graph theory is an important problem.In general,it is a kind of NP problem,but in some special rings,the calculation of the largest clique is of great significance.In the process of mathematical modeling,many combinatorial optimization problems can be reduced to the problem of solving the largest clique in the graph.We give constructive proof for the calculation of the clique number of zero-divisor graphs on rings.On this basis,we design an algorithm to calculate the clique number of zero-divisor graphs.We extend the concept of zero-divisor to the case of the ternary,give the calculation method of the ternary zero-divisor graph,and design the relevant algorithm.Based on the proof of correlation theorem,we get a basic fact that on ring Zn,the zero-divisor and the clique number is completely determined by the prime divisor and prime divisor exponents of integer N;(2)To investigate the properties of perfect zero-divisor graphs under congruence relation,we study the relationship between a zero-divisor graph and a perfect graph.The condition that the zero-divisor graph on the ring is perfect is derived.In addition,the perfect zero-divisor graph satisfying the congruence relation of the lattice is studied,and the properties of distributive lattice and dismantlable lattice with congruence relation are given.(3)Aiming at the problem of password leak detection,A.Juels and R.Rivest proposed a password leak detection technology based on honeywords,but how to construct honeywords with high flatness is the core problem.We propose a method to construct honeywords based on topological graph sequence,which combines topological graph sequence and user password to generate honeywords with high flatness.The analysis of several typical attack methods shows it is difficult for the attackers to guess the topological graph matrix stored by the honeywords verification server.If the attackers use the randomly generated topological graph for identity authentication,it is easy to be detected by the security policy of the system,and the generated honeywords can provide effective flatness;(4)To solve the problem of honeywords generation with high flatness,based on the theory of the zero-divisor graph,we propose a honeywords generation scheme based on the zero-divisor graph sequence.The sequence of the zero-divisor graph is constructed by using the zero-divisor graph,and the sequence of the zero-divisor graph is combined with a username(password)to generate honeywords.Due to the huge generation space of the zero-divisor graph,it is helpful to construct the sequence of the zerodivisor graph with high randomness,which provides the basis for the design of honeywords with high flatness.Security analysis shows that the honeywords generation scheme based on the zero-divisor graph has a good performance well in dealing with several common attacks.In terms of storage overhead,the flatness of honeywords,and resistance to DoS attacks,the honeywords generation scheme based on the zero-divisor graph sequence has obvious advantages compared with other schemes.