摘要
针对当前系统登录方式在安全方面存在的问题和不足,分析传统加密方式中存在易被解密的隐患,提出一种基于伪密码的加密方法。首先由加密函数将用户的真密码转换为随机的伪密码并存储在数据库中,再由解密函数将存放在数据库中的伪密码解密,并与用户的原密码比较,从而确定用户身份的合法性。该方法实现简单,对应的伪密码毫无规律,不易破解,安全性较强。
Aiming at the shortages of logging in terms of its security, the hidden trouble of decryption that exists in the traditional way of encryption, is analyzed and a new encrypting method based on the pseudo-password is proposed. The usersr real-passwords are converted to the random pseudo-passwords by means of the encryption function and are stored in the data- base. Then the pseudo-passwords stored in the database are decoded by the decryption function, compared with the users' o- riginal passwords, and the legitimacy of user identity is identified. This method is easy to realize, in addition, the corresponding pseudo-passwords are so erratic that it is difficult to crack. Therefore, the strong system security is provided.
出处
《现代电子技术》
2010年第12期51-52,共2页
Modern Electronics Technique
关键词
系统安全
加密方法
伪密码解密
数据库
system security
encryption
pseudo-password decryption
database
