| 摘要 |
In a peer-to-peer network having a plurality of user terminals, each capable of serving as a user authentication site for other terminals of the network and having an open side of a firewall and a secure side of the firewall, a method for authenticating a user. A user authentication database is stored in memories in the secure side of first and second terminals of the network. The first terminal receives a password from the user, and translates the password into an authentication encryption key for the user. The first terminal generates a first random number, encrypts the first random number with the authentication encryption key to provide a first encrypted message, and transmits the first encrypted message to the second terminal, which serves as a user authentication site for the first terminal. The user authentication site decrypts the encrypted first message to provide the first random number, and generates a second random number, which is transmitted to the first terminal. The first terminal combines and encrypts the first and second random numbers, with the authentication encryption key, to provide a second encrypted message. The first terminal transmits the second encrypted message to the user authentication site, which decrypts the encrypted second message to provide the combined first and second random numbers. The user authentication site verifies that the first and second random numbers are correct, and authenticates the user in accordance with this verification.
|
