一种适用于HOTP的一次口令生成算法

采用HMAC SHA-1杂凑函数和动态截短函数设计了一次性口令算法HOTPC．该算法具有计算速度快、安全性高的特点，易于采用令牌或IC卡硬件实现．因此．该算法适用于HTOP认证架构．此外．提出了基于令牌的认证协议应具备的3个基本条件．并设计了一种基于计数器同步的认证协议．该协议通过在服务器端设置最大认证尝试次数来防止蛮力攻击．并设置前顾参数来实现计数器重同步．分析表明．谈协议能够有效抵抗蛮力攻击和截获／重放消息等常见攻击．具有很高的安全性．

A one time password generation algorithm suitable for HOTP

A one time password algorithm HTOP.C is proposed based on HMAC SHA-1 and a dynamic truncating function. The algorithm has a fast computing speed and high security, and it is easy to implement by using Token or IC card hardware. Therefore, the algorithm is suitable for the HTOP authentication framework. Besides, three basic conditions are proposed for the token-based authentication protocol, and an authentication protocol based on counter synchronization is designed. At the server side, the protocol sets up a maximum trying number to prevent the brute-force attack, and a look-ahead parameter to realize counter resynchronization. Finally, the security of the protocol is analyzed. Results show that the protocol can resist normal attacks, such as brute-force attack and interception/replay attack effectively, and is highly secure.