Abstract
This paper studied the traditional two-factor authentication system, integrated public-key cryptography, Bluetooth communication, two-dimensional codes and other technologies, designed and realized a new two-factor identity authentication system based on smart phone and user password, which includes three main entities: mobile authentication client, browser extension, and web server. The mobile phone was used to replace the traditional physical authentication devices. Not only does it reduce the cost of manufacturers, but also is easier for users to use. The system is transparent to the people that they do not need to learn new knowledge before using the authentication system. Besides, compared to the traditional two-factor authentication, the system has reached the same security. Our system can resist the man-in-the-middle attacks, phishing attacks, replay attacks and others effectively. The system that we present is reliable and easy to manage, moreover, it has the good portability and the advantages above have important significance to the improvement of the identity authentication.
Supported by the National Natural Science Foundation of China under grant No. 61872069, the Fundamental Research Funds for the Central Universities (N171704005) and the Shenyang Science and Technology Plan Projects (18-013-0-01).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
China Internet Network Information Center (CNNIC).: The 35th statistical report on China’s Internet development, 35(02), 21 (2015)
Czeskis, A., Dietz, M., Kohno, T., et al.: Strengthening user authentication through opportunistic cryptographic identity assertions. In: ACM Conference on Computer and Communications Security, pp. 404–441. ACM (2012)
Wenjing, Q., Su, Z., Chengxin, Y., et al.: The comparison and development direction of several authentication technologies. J. Shandong Inst. Archit. Eng. 19(02), 84–87 (2004)
Balfanz, D., Smetter, D., Upadhyay, M.: TLS Origin-Bound Certificates, version 1.0, May 2012. https://tools.ietf.org/html/draft-balfanz-tls-obc-01
Lanyan, L., Xueshi, M.: Dynamic password double factor authentication and its application. Comput. Era (04), 11 (2010)
Shulei, M.: USB Key authentication technology and its application in e-commerce activities. Comput. Knowl. Technol. 4(24), 80–81 (2007)
Yu, J., Zhang, C.: Design and analysis of a USB-Key based strong password authentication scheme. In: 6th International Conference on Computational Intelligence and Software Engineering, pp. 1–13. IEEE (2010)
Weiguo, W.: The research of network identity authentication and the realization of VIKEY authentication system. Northwestern Polytechnical University (2003)
Bluetooth Special Interest Group. http://developer.bluetooth.cn
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Hou, L., Wei, L., Wang, C., Wang, A., Xu, J. (2018). Research on Two-Factor Identity Authentication System Based on Smart Phone and User Password. In: Sun, X., Pan, Z., Bertino, E. (eds) Cloud Computing and Security. ICCCS 2018. Lecture Notes in Computer Science(), vol 11067. Springer, Cham. https://doi.org/10.1007/978-3-030-00018-9_63
Download citation
DOI: https://doi.org/10.1007/978-3-030-00018-9_63
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-00017-2
Online ISBN: 978-3-030-00018-9
eBook Packages: Computer ScienceComputer Science (R0)