| With the development of computer technology and network technology ,more and more enterprises and organizations conduct their business rely on the platform of networks ,and information security has become the focus of concern gradually for the people. As the first line of defense in information security system, entity authentication is one of the most important security service as well as the basis for other security services.The key idea of existing entity authentication models based on Challenge -Response is to keep the verification changing constantly through the way of import changing factors, which can enhance the security. But such schemes could show its weaknesses and inadequacies especially in the time of concrete implementation, and can not provide adequate security.This thesis focus on identity authentication technology and protocol, the key technical points, designing and analyzing of the authentication scheme, programming and testing of the prototype system are presented. Here cryptography theory and the concept, mechanism of identity authentication and protocols are discussed. Challenge-Response mechanism is detail analyzed and its' security defects are given, and then common attack methods against these defects are analyzed. Finally an improved scheme is proposed and then the scheme is preliminary analyzed. On this basis, simulate and implement the scheme, and a simple test and analysis is conducted. Finally, the summary of the research is carried out, and the research work in the future is also suggested.in the improved model, the salt and the mechanism of re-hash are imported, mutual authentication and two-factor authentication are implemented, which can withstand attack methods such as eavesdrop,masquerade,replay,password guess attack,man-in-the-middle attack ,and the security is enhanced. |
PDF Full Text Request