一种新的双向OTP机制研究与设计

A type of new Two-way OTP Scheme Research and Design

身份鉴别最常用的是口令鉴别技术,一次性口令鉴别技术提高了鉴别的安全性。本文针对口令序列和质询/应答方案中的缺陷提出了一种新的一次性口令鉴别机制。本机制采用单向函数,通过向两端传递随机数验证各自的身份,从而实现双向鉴别。该机制减少了服务器的开销,有效的保护了用户的身份,能对抗小数攻击,拒绝服务攻击等威胁。

The technology of password authentication is the most usually used in identity authentication,and one-time password authentication technology improves the security of authentication. According to the defects of ＂password sequence＂ and ＂question/response＂ method , this paper presents a new OTP authentication scheme.The scheme implements two-way authentication by useing Hash function and transfering random number to prove each other’s identity to the two ends.It reduces server’s overhead,effectively protect the identity of user,and can resist the threat such as small integer attack and denial of server attack.