A Study on User Account Login Process Bases on Symmetric Block Encryption Scheme with Pseudo Random Number Measures

• Main Authors: CHIU,CHUN-YIN, 邱俊尹
• Other Authors: FU,CHEN-HUA
• Format: Others
• Language: zh-TW
• Published: 2017
• Online Access: http://ndltd.ncl.edu.tw/handle/nsxc59

碩士 === 國防大學 === 資訊管理學系 === 105 === It keeps a rapid development in information technology and the Internet; but there exists many information security cases that hackers invade different type of web servers over the Internet with many crack skills. For defensing this security issue, one possible solution is to strengthen a login mechanism for a web server. For strengthening a login mechanism of a web server, this study proposes a security enhancement login scheme for a web server. In this proposed login scheme, this study adopts a symmetric block encryption scheme with a LCG pseudo random generator to convert a user’s input password into a 64-bytes unreadable code. The proposed symmetric block encryption scheme uses 6 scramble functions to encrypt an input password. Moreover, this study also uses a MD5 hashing function to generate a message digest of the 64-bytes unreadable code. Finally, a web server depends on a user’s login account and a MD5 hashing value of the 64-bytes unreadable code to handle a login procedure. In this study, we implement a PHP/Apache/MySQL web server and code the symmetric block encryption scheme with C. With the implemented web server and the proposed login scheme, we perform several login practices and find the proposed login scheme works well. Therefore, the proposed login scheme could be used to enhance a login process security for a web server.