Design and Implementation of USB Key System Based on Dual-Factor Identity Authentication Protocol  

作　　者：Jianxin Wang Zifan Xu Xiangze Chang Chaoen Xiao Lei Zhang 

机构地区：[1]Beijing Electronic Science and Technology Institute,Beijing 100070,China

出　　处：《Journal of Electronic Research and Application》2024年第5期161-167,共7页电子研究与应用

基　　金：funded by the College-level Characteristic Teaching Material Project(Project No.20220119Z0221);The College Teaching Incubation Project(Project No.20220120Z0220);The Ministry of Education Industry-University Cooperation Collaborative Education Project(Project No.20220163H0211);The Central Universities Basic Scientific Research Fund(Project No.3282024009,20230051Z0114,and 20230050Z0114);The Beijing Higher Education“Undergraduate Teaching Reform and Innovation Project”(Project No.20220121Z0208 and 202110018002);The College Discipline Construction Project(Project No.20230007Z0452 and 20230010Z0452)。

摘　　要：With the increasing demand for information security,traditional single-factor authentication technology can no longer meet security requirements.To this end,this paper proposes a Universal Serial Bus(USB)Key hardware and software system based on a two-factor authentication protocol,aiming to improve the security and reliability of authentication.This paper first analyzes the current status and technical principles of USB Key-related research domestically and internationally and designs a two-factor authentication protocol that combines impact/response authentication and static password authentication.The system consists of a host computer and a USB Key device.The host computer interacts with the USB Key through a graphical user interface.The Secure Hash Algorithm 1(SHA-1)and MySQL database are used to implement the authentication function.Experimental results show that the designed two-factor authentication protocol can effectively prevent replay attacks and information tampering,and improve the security of authentication.If the corresponding USB Key is not inserted,the system will prompt that the device is not found.Once the USB Key is inserted,user identity is confirmed through two-factor verification,which includes impact/response authentication and static password authentication.

关 键 词：Information security USB Key Impact/response authentication Static password authentication 

分 类 号：TP3[自动化与计算机技术—计算机科学与技术]