Research and Implementation of Time Synchronous Dynamic Password Based on SM3 Hash Algorithm

Download Download as PDF (Size:373KB)  HTML   XML  PP. 893-902  
DOI: 10.4236/ojapps.2016.613077    349 Downloads   395 Views  

ABSTRACT

With the rapid development of information technology, demand of network & information security has increased. People enjoy many benefits by virtue of information technology. At the same time network security has become the important challenge, but network information security has become a top priority. In the field of authentication, dynamic password technology has gained users’ trust and favor because of its safety and ease of operation. Dynamic password, SHA (Secure Hash Algorithm) is widely used globally and acts as information security mechanism against potential threat. The cryptographic algorithm is an open research area, and development of these state-owned technology products helps secure encryption product and provides safeguard against threats. Dynamic password authentication technology is based on time synchronization, using the state-owned password algorithm. SM3 hash algorithm can meet the security needs of a variety of cryptographic applications for commercial cryptographic applications and verification of digital signatures, generation and verification of message authentication code. Dynamic password basically generates an unpredictable random numbers based on a combination of specialized algorithms. Each password can only be used once, and help provide high safety. Therefore, the dynamic password technology for network information security issues is of great significance. In our proposed algorithm, dynamic password is generated by SM3 Hash Algorithm using current time and the identity ID and it varies with time and changes randomly. Coupled with the SM3 hash algorithm security, dynamic password security properties can be further improved, thus it effectively improves network authentication security.

Cite this paper

Silue, D. , Wan, W. and Rizwan, M. (2016) Research and Implementation of Time Synchronous Dynamic Password Based on SM3 Hash Algorithm. Open Journal of Applied Sciences, 6, 893-902. doi: 10.4236/ojapps.2016.613077.

References

[1] Sandirigama, M., Shimizu, A. and Noda, M.T. (2000) Simple and Secure Password Authentication Protocol (SAS). IEICE Technical Report Office Information Systems, 83, 1363-1365.
[2] Stallings, W. (2006) Cryptography and Network Security: Principles and Practice. IEEE Transactions on Dielectrics & Electrical Insulation, 13, 98-104.
[3] De Canniere, C. and Rechberger, C. (2002) Finding SHA-1 Characteristics: General Results and Application. IACR Cryplogye Print Archive, p. 391.
[4] Wang, X.Y. and Yu, H.B. (2012) How to Break MD5 and Other Hash Function. Lecture Notes in Computer Science, 3494, 19-35.
[5] Abdalla, M. and Reyzin, L. (2007) A New Forward-Secure Digital Signature Scheme. IEEE International Workshop on Anti-Counterfeiting, Security, Identification, Springer Berlin Heidelberg, 116-129.
[6] Zou, J., Wu, W.L., Wu, S., Su, B.Z. and Dong, L. (2011) Preimage Attacks on Step-Reduced SM3 Hash Function. Lecture Notes in Computer Science, 7259, 375-390.
[7] Joan, D. and Vincent, R. (2012) The Design of Rijndael: AES—The Advanced Encryption Standard. Springer Science & Business Media.
[8] Diffie, W. and Hellman, M.E. (1976) New Directions in Cryptography. IEEE Transactions on Information Theory, 22, 644-654.
https://doi.org/10.1109/TIT.1976.1055638
[9] Peng, F., Qiu, S.S. and Long, M. (2005) A Secure Digital Signature Algorithm Based on Elliptic Curve and Chaotic Mappings. Circuits Systems & Signal Processing, 24, 585-597.
https://doi.org/10.1007/s00034-005-2409-4
[10] Sandirigama, M., Shimizu, A. and Noda, M.T. (2011) Simple and Secure Password Authentication Protocol. IEICE Transactions on Communications, 83, 1363-1365.
[11] Haller, N. (1995) The S/KEY One-Time Password System. Proceedings of the Internet Society Symposium on Network & Distributed Systems, San Diego, February 1995, 151-157.
https://doi.org/10.17487/rfc1760
[12] Halevi, S., Hall, W.E. and Jutla, C.S. (2008) The Hash Function Fugue. Submission to Nist.
[13] Young-Hwa, A. (2013) Security Improvements of Dynamic ID-based Remote User Authentication Scheme with Session Key Agreement. IEEE Transactions on Consumer Electronics, 8, 1072-1076.
[14] Si, J., Jin, C. and Liu, G. (2013) Research and Improvement on the Remote Dynamics Password Authentication Scheme. Computer Applications and Software, 25, 54-55.
[15] Detchast, P. and Thawatchai, C. (2011) Web Security Improving by Using Dynamic Password Authentication. 2011 International Conference on NetWork and Electronics Engineering IPCSIT, 11, 32-36.
[16] Wang, B. and Liu, G. (2012) Study and Amend Dynamic Password Authentication Scheme. Computer Engineering and Design, 28, 2806-2808.
[17] Guo, L., Wang, L. and Li, Q. (2015) Differential Power Analysis of Dynamic Password Token Based on SM3 Algorithm, and Countermeasures. 11th International Conference on Computational Intelligence and Security, Shenzhen, 19-20 December 2015, 354-357.
[18] Pointcheval, D. and Stern, J. (2000) Security Arguments for Digital Signatures and Blind Signatures. Journal of Cryptology, 13, 361-396.
https://doi.org/10.1007/s001450010003
[19] Biryukov, A., Lamberger, M., Mendel, F. and Nikolic, I. (2011) Second-Order Differential Collisions for Reduced SHA-256. In: Lee, D.H. and Wang, X., Eds., Advances in Cryptology—ASIACRYPT 2011, Springer, Berlin, 270-287.
https://doi.org/10.1007/978-3-642-25385-0_15
[20] Brosa, A.M. and Figueras, J. (2000) Digital Signature Proposal for Mixed-Signal Circuits. Journal of Electronic Testing, 17, 1041-1050.
https://doi.org/10.1109/test.2000.894317
[21] Goldwasser, S. and Waisbard, E. (2004) Transformation of Digital Signature Schemes into Designated Confirmer Signature Schemes. Theory of Cryptography Conference, Cambridge, 19-21 February 2004, 77-100.
https://doi.org/10.1007/978-3-540-24638-1_5
[22] Johnson, D., Menezes, A. and Vanstone, S. (2010) The Elliptic Curve Digital Signature Algorithm (ECDSA). International Journal of Information Security, 1, 36-63.
https://doi.org/10.1007/s102070100002
[23] Song, C., Qu, Z., Blumm, N. and Barabási, A. (2010) Limits of Predictability in Human Mobility. Science, 327, 1018-1021.
https://doi.org/10.1126/science.1177170
[24] Haller, N., Metz, C., Nesser, P. and Straw, M. (1998) A One-Time Password System. Network and Distributed System Security Symposium, San Diego, 11-13 March 1998, 98-100.
https://doi.org/10.17487/rfc2289

  
comments powered by Disqus

Copyright © 2017 by authors and Scientific Research Publishing Inc.

Creative Commons License

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.