|Table of Contents|

Security transfer of Web password based on dynamic soft keyboard and random code

《南京理工大学学报》(自然科学版)[ISSN:1005-9830/CN:32-1397/N]

Issue:
2014年06期
Page:
745-
Research Field:
Publishing date:

Info

Title:
Security transfer of Web password based on dynamic soft keyboard and random code
Author(s):
Qi YongGao ShuangshuangLi Qianmu
School of Computer Science and Engineering,NUST,Nanjing 210094,China
Keywords:
dynamic soft keyboard random code wireless networks user passwords access points replay attacks brute force attacks terminal attacks network attacks
PACS:
TP393.0
DOI:
-
Abstract:
In wireless networks,a Web password security transfer method is put forward to prevent user passwords from being stolen.In a Web portal,a local dynamic soft keyboard is showed,and a random code is added,then the user password and random code are encrypted by message digest algorithm(MD5)and sent.Experimental results prove that:the method proposed here can prevent hacker from intercepting user passwords through access points(AP),replay attacks and brute force attacks; compared with the existing Web password security transfer methods,the method proposed here has the advantages of low computation complexity,high efficiency,security and reliability and can prevent terminal attacks and network attacks.

References:

[1] Stefan D,Shu Xiaokui,Yao Danfeng.Robustness of keystroke-dynamics based biometrics against synthetic forgeries[J].Computers and Security,2011,31(1):109-121.
[2]赵跃华,杜云海,包明国.基于身份认证的嵌入式Web网关安全机制的实现[J].计算机工程,2004,30(23):111-113. Zhao Yuehua,Du Yunhai,Bao Mingguo.Implementation of security in embedded Web gate based on authentica-tion[J].Computer Engineering,2004,30(23):111-113.
[3]夏永和,池亚平,方勇,等.网上银行客户端安全性分析与解决方案[J].信息安全与通信保密,2007,9(9):137-139,142. Xia Yonghe,Chi Yaping,Fang Yong,et al.Security analysis and solution for client-side of Internet bank[J].Information Security and Communications Privacy,2007,9(9):137-139,142.
[4]董黎波.WEB口令认证与口令保护方案的研究与设计[D].武汉:华中科技大学计算机科学与技术学院,2008.
[5]Lu Jianzhu,Chen Ting,Zhou Jiping,et al.An enhanced biometrics-based remote user authentication scheme using smart cards[A].2013 6th International Congress on Image and Signal Processing(CISP)[C].Hangzhou,China:IEEE,2013:1643-1648.
[6]李鹏伟,傅建明,沙乐天,等.键盘输入安全研究[J].计算机科学,2013,40(10):10-17. Li Pengwei,Fu Jianming,Sha Letian,et al.Research of keyboard input security[J].Computer Science,2013,40(10):10-17.
[7]Bo Qu.Secure login for Web-based embedded system[A].International Conference on Communications and Information Processing(ICCIP 2012)[C].Aveiro,Portugal:Springer Berlin Heidelberg,2012:640-647.
[8]李鹏伟,傅建明,沙乐天,等.基于细胞自动机的软键盘布局随机化方案[J].北京交通大学学报,2013,37(5):105-111,131. Li Pengwei,Fu Jianming,Sha Letian,et al.Randomization of soft keyboard layout based on cellular automata[J].Journal of Beijing Jiaotong University,2013,37(5):105-111,131.
[9]黄淑宽,林柏钢.常用的口令认证机制及其安全性分析[J].网络安全技术与应用,2005,6(6):29-31. Huang Shukuan,Lin Baigang.Mechanism of password authentication in common use and its security analysis[J].Network Security Technology and Application,2005,6(6):29-31.
[10]Lin C H,Lai Yiyi.A flexible biometrics remote user authentication scheme[J].Computer Standards and Interfaces,2004,27(1):19-23.
[11]刘怀兰,侯昕,王佳.改进的基于USBKey的动态身份认证方案[J].华中科技大学学报(自然科学版),2010,38(11):41-43. Liu Huailan,Hou Xin,Wang Jia.An improved dynamic authentication scheme using USBKey[J].Journal of Huazhong University of Science and Technology(Natural Science Edition),2010,38(11):41-43.

Memo

Memo:
-
Last Update: 2014-12-31