摘要
为了保障用户信息不被窃取同时提高系统的安全性,提出一种基于AES和RSA双向认证的安全登录方案。方案由认证和加密两部分组成,通过结合对称密钥和公开密钥技术设计了一种双向认证协议,在认证通过后再对信息进行混合加密及传输,为信息安全提供了多重保障。分析及测试结果表明该方案不仅能对信息进行加密保护,同时可以认证通信双方的身份,抵抗多种恶意攻击,与如今一些主流的登录方案相比,其在运算速度和成本方面更符合企业内部管理系统的需求。
In order to prevent user information from being stolen and to improve the security of the system, we present a secure mutual authentication login scheme based on AES algorithm and RSA algorithm. The scheme consists of two parts: authentication and encryption. In this scheme, we design a mutual authentication protocol by combining the symmetric key technology and the public key technology. The information will first be encrypted by hybrid encryption algorithm and then transfer to each other after the authentication is passed. This method provides multiple protection for information security. Analysis and test results show that the scheme can not only encrypt the information, but also authenticate the identity of the two parties and resist various malicious attacks. Compared with some popular login schemes, it more conforms to the needs of enterprise management system in terms of speed and cost.
出处
《浙江理工大学学报(自然科学版)》
2017年第2期242-245,共4页
Journal of Zhejiang Sci-Tech University(Natural Sciences)
基金
浙江省自然科学基金项目(1203635-D)
关键词
AES算法
RSA算法
双向认证
混合加密
AES algorithm
RSA algorithm
mutual authentication
hybrid encryption