Analysis of encryption algorithms for login and registration

Encryption algorithm analysis algorithm for login and registration purposes

• Provide fixed 秘钥 and 明文 able to produce different redaction summaries
• The approximate flow of the HAMC algorithm is to use a secret key to two hashes of plaintext to get a redaction summary
• Hashing (hash) function
  
  • MD5
  • SHA1
  • SHA256

Registered

• Request a random secret key from the server
• Md5.hmac the registered password (HAMC uses the hash function of MD5 to manipulate characters) encryption: Md5.hmac (Key,message) ==> Secret Digest to (key: Key, Message: plaintext): Md5.hmac redaction Summary
• Submit the digest to the server, and the server 秘钥 md5.hmac密文摘要 persists it to the database

Login

• The client requests a secret key from the server (the secret key stored at the time of registration)

• Encrypt the password when the user submits the data:
  Md5.hmac (Key, PWD) ==> Child Summary
  MD5.HAMC (Key, (sub-summary + ' current commit time ') ==> Total summary

• The processing process when the server receives a total digest message:

  • Key key, Stored secret digest to Pwddigest
  • Two pieces of secret abstracts are computed according to the following formula:

  ‘当前提交时间‘pwdDigest) ==>目的摘要1‘当前提交时间 + 1(分钟)‘pwdDigest) ==>目的摘要2

  • If the user submits the total summary = = Objective Abstract 1 | | General Summary = = Objective Abstract 2 is the correct password

The benefits of doing so

• Registration is only one time, and only one time is submitted for critical summaries, so there is little chance of data being intercepted

• At the time of login, because the encryption uses the system time, so this can guarantee the dynamic of the password digest, and the server will only recognize the ciphertext digest within a minute, so that, even if the user submits the data to intercept, there is little time to provide the hacker to imitate the correct login request

Analysis of encryption algorithms for login and registration