一种基于二次剩余的动态口令算法

Dynamic password scheme based on quadratic residues

针对基于动态口令的电子商务身份认证机制存在计算和通信负担过重及不能对用户的使用次数和使用时间进行控制的问题,利用二次剩余理论中计算模平方根的复杂性提出一种基于二次剩余的动态口令算法。本算法具有失效次数和失效时间两个特性,因为不需要任何口令和验证表,可以避免重放攻击,因此具有稳定的安全性。这些特点使其适合用于电子商务,如在线游戏、付费电视等。另外本算法客户端计算量很小,可以用于手机等计算能力有限的环境。

Dynamic password based on authentication mechanism for electronic commerce which had an excessive burden of computing and communications and could not control the number and time that each user was entitled to use,the use of complexity of modular square root in quadratic residues,this paper proposed a dynamic password scheme based on quadratic residues to solve these problems.This algorithm had countable and time-bound features,did not require any password or verification table,it could avoid replay attacks and was under firm security.These features make this scheme more reliable for applications in the field of electronic commerce,such as on-line games,pay-TV,and so on.This algorithm has a lower computational overhead on client,can be used in mobile environment with limited computing capability.