| 摘要 |
A user sets n=0, his mail account A and password S, then computes V0=E(A,S), W0=E(A,V0), V1=E(A,A(+)1), W1=E(A,V1) and M0=E(W1, V0), and initially registers W0, W1, M0 and A by e-mail in a mail server. At a visiting site the user sends a service request and A to the mail server form an arbitrary terminal connected to the Internet, and the mail server reads out the authentication session number n corresponding to the identifier A and sends it back to the user. The user computes Vn-1=E(A,S(+)(n-1)), Vn+1=E(A,S(+)(n+1)), Wn+1=E(A,Vn+1). Vn=E(A,S(+)n) and Mn=E(Wn+1, Vn) and sends Vn-1, Wn+1 and Mn to the mail server. The mail server computes E(A,Vn-1) and E(Wn, Vn-1) and if they agree with preregistered Wn-1 and Mn-1, respectively, the mail server accepts the user as valid and sends a mail message of the user.
|
