网上银行用户身份认证技术的研究_指纹技术和一次性口令在网银中的应用

上海交通大学硕士学位论文网上银行用户身份认证技术的研究＿指纹技术和一次性口令在网银中的应用姓名：苏文新申请学位级别：硕士专业：计算机技术指导教师：郑东;乐红兵200410011200410212345Withthedevelopmentofnetworkinformationtechnologyandpopularizationoftheelectroniccommerce,manyenterprisestransferfromtheirtraditionalmanagementtotheelectroniccommercetransaction.SimultaneouslytheopennessofInternetbringsriskstocommercialtransaction.Therisksarevarious.Oneveryimportantaspectistoconfirmwhetherthestatusoftheothertransactionsideiswantedornot.Thisisthefoundationofalltheon-linetransactions.Recentlymanystatusauthenticationprojectshavebeenproposed.Becausethecomplexityandsafetyofthestatusauthenticationarecomprehensive,aperfectsolutionhasnotbeenfoundtillnow.Thisstudyistoanalyzeandsummarizesystematicallythosecommonlyusedstatusauthenticationtechnologiesandtocomparetheirrespectiveperformancesandtheiradvantagesandshorts.Meanwhiletheenterprisesdevelopasetofprojects,whichissuitabletothemselvesaccordingtotheirowndevelopmentandserviceapplicationsecurityrank.Thisstudytakesthetypicalon-linebankserviceasthebackgroundinformation.Itanalyzesthestatusauthenticationtechnology,whichiscommonlyusedtoregisterlongdistanceon-linebankhomeandabroad.Itfurtherexpoundsthemseparatelyaccordingtotheserviceobjects(theB2CandB2Bservice).Theseservicesarefortwokindsoftypicalservicescommunities.Theirservicewayandrankarerestrictedbytheserviceobjectsthesources.AstotheB2Cstatusauthenticationplan,thedisposablepasswordtechnologyisadopted,whichishighlysafe,easytooperate,simpletomanageandcheapincost.Theimprovementovercomestheinsecurityofsimplepasswordinon-linetransitionandtheresultisquitesatisfactory.IntheB2Bservice,thoughtheoldstatusauthenticationplanhashighsafety,thepovertyofsafetyconsciousnessandmanagementcannotpreventthecrimesmadebytheirownstaffs.Thehumanbodyfingerprintrecognitiontechnologyhereisusedtoactivatetheuserprivatekey.Comparingwithotherauthenticationtechnologies,thecharacteristicsofhumanbodyfingerprintareobjectiveandunique,whichisindividuallydifferent,invariablylife-long,neverlostandunabletobeimitated.Thereforethehumanbodyfingerprintisquitereliable.Theestablishmentofthecorrespondingrelationsbetweenthefingerprintandtheuserprivatekeyfundamentallyceasethedivulgingofuserprivatekey.Becausethestatusauthenticationbyusingthefingerprinttechnologytoregisterlong-distanceontheon-linebankisonlyontheinitialstage,thoughtheprincipleofusingthefingerprintisnotcomplex,thefuzzyfingerprintmatchisofteninfluencedbythefinger’sclearness,thefingerprintmeter,thealgorithmandsooninpractice.Themethodinthisstudyisto6combinethetheorywiththepractice.Researchersmainlyusethecollection,theoryandmodelingprooftocompletethisstudy.Theemphasisisontheselectionrequestofsmartcard,hethepretreatmentoffingerprintpictureandtheresearchofratiotothealgorithm.Inbrief,intheuserstatusauthenticationplans,theOTPtechnologyistheeffectiveplantosolvetheproblemofthelightweightlong-distanceregisters.Infacttheapplicationinverymanyenterprisesisjustbasedonthisrealization.Theintensityoffingerprint,ICcard,keytechnologyauthenticationisveryhigh,buttherealizationoftechnologyandthescaleisdifficult,thecostisnotlow,thereforeitsuitstotheelectroniccommerceandsomehigh-requestedenterprises.Thefingerprintrecognitionrepresentsthedevelopmentoftoday’sauthenticatedTechnology.Inthewayofrealizingit,thisstudydevelopswhatisusefulanddiscardswhatisnot.Wearedefinitelyabletousecomprehensivecard,whichisbasedonfingerprinttechnologyinplaceofalltheotherbankcards.identificationauthentication,OTP,CPUcard,Fingerprintrecognition910111213141516[5]ØØ17ØØØØ.181920authentication[[1100]]21IT(S-HTTP)Web(SSL:SecureSocketsLayer)NetscapeSSLNetscapeCommunicatorMicrosoftIE(STT:SecureTransactionTechnology)MicrosoftSTTMicrosoftInternetExplorer(SET:SecureElectronicTransaction)122A.(publickeyandprivatekey)RSA(KeyPair)Internet2(digitaltime-stamp)(DTS:digitaltime-stampservice)(DTS)(time-stamp)1)(digest),2)DTS3)DTSHASHDTS,DTSBellcoreDTSDTSDTS4(digitalcertificate,digitalID)3(CA:CertificationAuthority)(DTS)(DigitalID)(thirdparty)(CA)23(CPS:CertificationPracticeStatement)242526272829303132333435))(,(aKctcDESKey=3637looparchwhorl[16]383339Fingerprintcollectcompare[18]450DPI300DPI500DPI40,412∑∑+-+-=-+=-+=11),(),(),(LmmiLnnjLjnLimhjifnmgmn∑∑+-+-=12)1,1(),(),(22112121mmnmnmHnnfmmG10/)2(1XaHii+∑==aii42(x,y)g(xy)f(x,y)),(),(),(yxyxfyxgh+=çx,ygi(x,y)∑=),(/1),(yxgMyxgi{}),(),(yxfyxgE=),1(),1([),(5),(jifjifjifjig-++-=)]1,()1,(-+++jifjiff(i,j)f(i,j))1,(),1(),1(),(++-++=∂jifjifjifjif),(4)1,(jifjif--+43)//(),,(/),,(22yfxfktyxkfttyxf∂∂+∂∂==∂∂f(x,y,t)kfft),,(),,(),(tyxkftyxfyxgt-=ôôk7×7p12)3,()2,2(),3(),(8+-+----=yxfyxfyxfyxfp),3()2,2()3,(yxfyxfyxf+-++---)2,2()2,2(----+-yxfyxfx,yf(x,y)v(x,yx,y∑∑++=-=-=mmimmjyxfmyxvb),()12(1),(2(13)44∑∑+=-=-=mmimmjyxfmyxv),()12(1),(2(14)⎩⎨⎧≥-+=ttvyxvyxvvyxvyxvyxv),(...),(),(...),(),(1111ee(15)vtg(x,y)⎩⎨⎧≥=),(),(...0),(),(...1),(yxvyxfyxvyxfyxg(16)45xaixaix56748321aaaaxaaaaA=18••••••••••••••••••••••••••••10010110(18)(a)(b)(c)(d)••••••••••••••••••••••••101101101101(a)(b)(c)(d)46••••••••••••0011011001110101100111001011000000110010