Brief Analysis of Identity Authentication Technology in the Internet industry

Since the development of the Internet, various application services have been very rich, and every website is trying to gather its own user base, so we have countless "accounts" and "passwords ".

Different applications have different security requirements. Different services have different security requirements due to their importance. If one of my frequently browsed Forum accounts is lost, I will be depressed for a maximum of a few days. Just register another account, but if one of my online bank accounts is lost, in this case, real money may be lost.

The network environment of the Internet is complex. The biggest advantage of the Internet is openness, and the biggest disadvantage is openness. Threats on the Internet are everywhere. Various viruses spread everywhere on the Internet, especially Trojan viruses, which are highly concealed and difficult to prevent. Users often lose many accounts after accessing a website. In fact, they are generally caused by Trojans. It's a success or a failure.

At present, common identity authentication security technologies include PKI technology. PKI is an Identity Authentication Technology Based on the public/private key cryptography system. by assigning a private key and a Public Key Certificate to each user, The system implements secure identity authentication and data encryption.

After years of accumulation, the PKI technology has been very mature and is widely used in the online banking field. For example, all online banking websites now use HTTPS instead of HTTP. The following S represents security, which is actually supported by PKI technology.

Dynamic Password Technology. The traditional static password technology is used to change the password stored by the user into the password generated by the device held by the user. This effectively prevents password loss caused by Trojans and other malicious programs, because the password is a one-time password and is useless even if it is stolen.

Matrix card technology. This technology can be said to be a simplification of the dynamic password technology. Its basic principle is to pre-print some random numbers on a card. Every time you log on, the system randomly asks the user to enter some numbers on the card, not all. In this way, the user's password content is different from that entered in the next login.

One-time password card technology. This technology can be said to be the most perfect and the most difficult technology for practical application. Some Random Digital passwords are pre-printed on the card. When a user logs on to the card, one of them will be used. Once used, the password will be voided and the other password will be used for the next login, when all the passwords on one card are used up, you can change the card. The biggest problem in actual use of this method is the trouble. users need to switch cards frequently. Although this method is safe, it is in line with the idea of "one password at a time" in cryptography.

Future development direction: Compared with various popular identity authentication technologies, each has its own advantages and disadvantages: PKI technology is mature, but it is difficult to become a popular solution due to cost and ease of use constraints; matrix card technology is just a simplified and transitional product, which is not considered. Although the one-time password card technology is perfect, it is troublesome to change one card in almost a month or two. Dynamic Password Technology is convenient to implement, the only disadvantage is to carry a specific hardware device with you.

In the future, mobile phone software dynamic passwords are easy to use, low cost, and portable. Let's take a look at the number of mobile phones in China, and the GPRS network charges have been lowered. In addition to the 3G in the future, it is not difficult to see that the mobile phone software dynamic password technology is a future development direction.

Although it cannot be said that it is the most perfect solution, it is one of the next-generation Internet identity authentication technologies that are most likely to be popularized on a large scale.

Related Articles]

1. Introduction to PKI/CA Technology
2. The revolutionary evolution of PKI is moving towards PKI 2.0
3. PKI basics and Applications