对于软件密码尤其是网络软件的密码,如果使用明文进行管理与保管,一旦系统被黑客攻击或者某一管理人员出于经济利益进行窃取,可能会产生较为严重的用户经济或其它方面的损失,出于对保护用户经济利益以及个人隐私方面的考虑,一种能够有效的保护用户密码信息并能够同时进行密码认证的方案亟待提出.从描述Hash加密的基本原理出发,提出了一种基于Hash加密的网络软件密码认证方案,以此解决网络软件的密码安全问题.最后,通过对不同Hash加密算法在认证过程中的时间对比,确认该方案能够应用在网络软件系统认证的实践之中.%The password used in software especially in network software is easy to be attacked by hackers or stolen by some administrator for commercial purpose, if administrated and stored in plaintext. Then serious economic or other losses will be incurred to the users. In order to cope with this condition, and protect the economic interests of the users and privacy concerns, a method which can provide the service of password information protection as well as password authentication scheme is urgently needed. Starting with describing the basic principle of Hash encryption, a network software password authentication scheme based on Hash encryption is proposed to solve the password security problem of network software. Finally, by comparing the timings of different Hash encryption algorithm during the authentication, it is confirmed that the scheme can be applied in the practice of network software system certification.
展开▼
