基于.NET Remoting口令系统的设计

Password Authentication System Design Based On .NET Remoting

由于B/S模式下客户机对服务器的验证困难,提出了使用Remoting程序对网站的真伪进行验证。方案实现了客户端和服务器端的相互认证、服务器端敏感信息的安全存储和每次认证产生不同的会话密钥,安全分析表明,所提的方案能有效防范钓鱼网站等的常见攻击,增加了系统的安全性。方案使用.NET进行实现,证明是可行的。

In the condition of the B/S mode, the authentication server is difficult by a client. This paper puts forward to use Remoting program to verify the authenticity of Web site. The program realizes mutual authentication between the client and the server, also realizes server sensitive information safe storage. Every time authentication can produce different session keys. Safety analysis shows that the proposed scheme can effectively prevent phishing against common attack and increase the system security. The scheme is achieved by using .NET, It proved to be feasible.