視覺密碼學技術應用於網站動態密碼之認證

Visual Cryptography for One-Time Password Web Authentication

本篇論文提出一次性網頁動態密碼之認證使用視覺密碼學技術。傳統的網頁身分認證方式，須於公開網頁上輸入個人的帳號及密碼方得驗證身分，然而此舉動容易有密碼曝露及盜拷的隱憂。為此，本篇方法結合視覺密碼學技術及行動手機提出一次性密碼產生應用於網頁身份認證，本篇方法的的優點有（1）無須密碼背誦，每一次的交易密碼皆由主機傳遞給手機後所計算而得。（2）安全性高，每一次交易密碼皆不同，就算獲取其中一組密碼，也無法進行回覆攻擊進而成功登入。（3）計算速度快，傳統的加解密需要相當高的計算量，本方法採用視覺密碼學技術只需進行簡單的邏輯運算及人眼的視覺辨識便可以，相對所需的計算量較低。

In this paper, we proposed a visual cryptography for one-time password web authentication. Traditional web authentication needs personal account and password for verification and authentication. However, enter a password on the unsecure environment may cause security issue that is the password may be copied by the illegal users. Thus that, we proposed a one-time password for web authentication by using visual cryptography and mobile phone. The method has three advantages. Firstly, our method is one-time password method. Secondly, the proposed scheme is secure. Anyone who does not have the correct key or called share cannot decrypt the secret. Thirdly, the method is low computation. It only uses simple logic operation thus made the encryption and the decryption more effectively.