Replay attack resisting method and system based on one-time secret key

Document No.: 1864735. Publication date: 2021-11-19.

Reading note: This technology, "Replay attack resisting method and system based on one-time secret key", was designed by 罗新华 (Luo Xinhua) on 2021-07-15. Main content: The invention discloses a replay attack resisting method and system based on a one-time secret key, applied to the field of data security. The method comprises the following steps: a client initializes to generate a unique terminal identification and sends a registration authentication request to a server to obtain initialization parameters; the client calculates the client Token information and sends an authentication request to the server, and the server calculates the server Token information and authenticates by comparing the Token information; the client calculates the Token information of a service request, and the server performs a secondary calculation to obtain NewToken information and compares it with the stored Token information to judge whether the service request is legal. With the technical scheme of the invention, the access cost is reduced, the cumbersome process of issuing version information is reduced, only one authentication is needed, the unguessability of the information is improved, and the gateway's computation is kept to a minimum.

1. A replay attack resisting method based on a one-time key, comprising:

a client initializes and generates a unique terminal identification, and sends a registration authentication request to a server according to the unique terminal identification to obtain seed information and initialization calculation times returned by the server;

the client calculates to obtain the Token information of the client according to the unique terminal identifier, the seed information and the initialization calculation times, and performs descending operation on the initialization calculation times;

the client sends the unique terminal identification and the client Token information to the server, the server calculates according to the seed information and the initialization calculation times to obtain server Token information, the client Token information and the server Token information are compared, if the client Token information and the server Token information are consistent, the authentication is successful, and if the client Token information and the server Token information are not consistent, the authentication is failed;

before the client sends the service request to the server, calculating Token information of the current service request by the decreased calculation times, and simultaneously performing the decreasing operation of the calculation times again;

after receiving the service request, the server performs secondary calculation on the Token information of the current service request according to the descending steps to obtain New Token information;

and comparing whether the New Token information is consistent with the server Token information, if so, determining that the current service request is legal, otherwise, determining that the current service request is illegal.

2. The method for defending against replay attacks based on one-time keys according to claim 1, further comprising:

when the initialization calculation times are decreased to only one time, the client calculates the Token information of the current service request according to the current calculation times, and calculates the AuthticateToken information according to the sum of the current seed information and the decreasing steps, the unique terminal identification and the current latest timestamp;

when a service request is carried out according to the last calculation times, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server;

after judging that the current service request is legal, the server calculates according to the sum of the stored seed information and the descending step, the unique terminal identification and the current latest timestamp to obtain AuthticateToken_server information;

if the AuthticateToken information is consistent with the AuthticateToken_server information, the secondary authentication is passed, and the initialization operation times are reset;

and updating the Token information of the last service request of the service end into the AuthticateToken information.

3. The method for defending against replay attack based on one-time key according to claim 1, wherein the specific process of calculating the Token information of the client according to the unique terminal identifier, the seed information and the initialization calculation times comprises:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, UUID is the unique terminal identification, seed is the seed information, N is the initialization calculation times, and Hash() is an irreversible digest algorithm function.

4. The method for defending against replay attack based on one-time key according to claim 1, wherein the specific process of the server for obtaining the server Token information by the server according to the seed information and the initialization calculation times includes:

$$\text{server Token} = \mathrm{Hash}(\text{UUID}, \text{timestamp}, \text{seed})^{N}$$

Here, timestamp is the timestamp of the moment the client sends the registration authentication request to the server, and seed is the seed information returned by the server to the client in the registration process;

after the server successfully authenticates the client, the server stores the server Token information as the initial Token and executes the decrement operation N-- on the initialization calculation times, i.e., the decrement step.

5. The method according to claim 1, wherein before sending the service request to the server, the client calculates Token information of the current service request by the count of the count after decrementing, and performs the decrementing operation of the count again, and the specific process includes:

when the client needs to send a service request, calculating the Token information of the current service request according to the calculation times after executing the decreasing operation in the registration authentication process, wherein the calculation process is as follows:

$$\text{token} = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, N is the calculation times remaining after the decrement operation executed in the registration authentication process;

after the calculation is completed, the decrement operation N-- is performed again on the current calculation times, i.e., the decrement step.

6. The method for defending against replay attack based on one-time key according to claim 1, wherein the specific process of performing secondary calculation on the Token information of the current service request according to the descending steps to obtain the NewToken information after the service terminal receives the service request includes:

the server analyzes the Token information of the current service request and the unique terminal identification according to the received service request;

the server performs secondary calculation on the Token information of the current service request to obtain NewToken, and the calculation process is as follows:

$$\text{NewToken} = \mathrm{Hash}(\text{Token})^{\text{decreasing step}}$$

Here, the number of times Hash() is executed on the Token information of the current service request received from the client equals the decrement step of the decrement operation.

7. A replay attack resisting system based on a one-time key, which applies the replay attack resisting method based on the one-time key according to any one of claims 1 to 6, characterized in that the client comprises a client initialization module, a client Token calculation module and a request module, and the server comprises a registration authentication module and an attack verification module;

the client initialization module is used for initializing and generating a unique terminal identifier, and the request module is used for sending a registration authentication request to the registration authentication module according to the unique terminal identifier and receiving seed information and initialization calculation times returned by the registration authentication module;

the client Token calculation module is used for calculating to obtain client Token information according to the unique terminal identifier, the seed information and the initialization calculation times, and performing decrement operation on the initialization calculation times;

the request module is used for sending the unique terminal identification and the client Token information to the server, the registration authentication module is used for calculating according to the seed information and the initialization calculation times to obtain the server Token information, comparing the client Token information with the server Token information, if the client Token information is consistent with the server Token information, the authentication is successful, otherwise the authentication is failed;

before the request module of the client sends a service request to the server, the Token calculation module of the client is used for calculating Token information of the current service request by the decreased calculation times and performing the decreasing operation of the calculation times again;

after the service end receives the service request, the attack checking module is used for carrying out secondary calculation on the Token information of the current service request according to the descending step to obtain New Token information;

the attack checking module is further configured to compare whether the NewToken information is consistent with the server Token information, if so, the current service request is legal, otherwise, the current service request is an illegal request.

8. The system for defending against replay attack based on one-time key according to claim 7, wherein the server further comprises a server parameter updating module;

when the initialization calculation times are decreased to only one time, the client Token calculation module is used for calculating Token information of the current service request according to the current calculation times, and obtaining AuthticateToken information by calculation according to the sum of the current seed information and the decreasing steps, the unique terminal identification and the current latest timestamp;

when the request module carries out service request according to the last calculation times, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server;

after the attack checking module judges that the current service request is legal, the server-side parameter updating module is used for calculating according to the sum of the stored seed information and the descending step, the unique terminal identification and the current latest timestamp to obtain AuthticateToken_server information;

the server-side parameter updating module is also used for comparing the AuthticateToken information with the AuthticateToken_server information; if the two are consistent, the secondary authentication is passed, the initialization operation times are reset, and the Token information of the last service request of the service end is updated to the AuthticateToken information.

9. The system according to claim 7, wherein the specific method for obtaining the Token information of the client by calculation in the registration authentication process by the Token calculation module of the client is as follows:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, UUID is the unique terminal identification, seed is the seed information, N is the initialization calculation times, and Hash() is an irreversible digest algorithm function;

in the service request process, the specific method for calculating the Token information of the current service request comprises the following steps:

$$\text{token} = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Wherein, N is the number of times of calculation after executing the decrement operation.

10. The system for defending against replay attack based on the one-time key according to claim 7, wherein the specific process of the attack verification module performing the secondary calculation on the Token information of the current service request according to the decreasing step to obtain the new Token information is as follows:

$$\text{NewToken} = \mathrm{Hash}(\text{Token})^{\text{decreasing step}}$$

Here, the number of times Hash() is executed on the Token information of the current service request received from the client equals the decrement step of the decrement operation.

Technical Field

The invention relates to the technical field of data security, in particular to a replay attack resisting method based on a one-time secret key and a replay attack resisting system based on the one-time secret key.

Background

At present, the development of information technology can well ensure the security of communication and stored information, but some attacks that threaten the security of information systems still exist, such as tampering attacks, replacement attacks, impersonation attacks and replay attacks. Replay attacks are seriously harmful: for example, an attacker steals recharge messages from past years and resends them to the accounting system to complete the corresponding recharges, which corrupts the system's accounting information and greatly damages accounting verification and enterprise reputation.

A replay attack, also known as a playback attack or freshness attack, is one in which an attacker sends a packet that the destination host has already received in order to deceive the system; it is mainly used in the identity authentication process to undermine the correctness of authentication. By attack target, replay attacks can be divided into:

Direct replay (the message is forwarded intact to the intended recipient)

Reflection replay (the message is sent back to the message sender)

Transfer replay (the message is sent to a third party)

In every case, the attack targets the freshness of the information in the communication process, and the lack of a freshness-checking mechanism in the communication protocol is the main reason a message can be replayed. It follows that the main means of defending against replay attacks is to add a freshness factor to the protocol and check the freshness of each request, ensuring that the request is valid and reasonable. Based on this analysis, the main precautions against replay attacks are as follows:

Adding a client timestamp check, which ensures that requests fall within a reasonable time period

Analyzing request differences through client-side random numbers, sequence numbers or version numbers

Completing the replay attack check by analyzing and storing message characteristic information

In addition, patent CN201610835562.7 proposes "a method and a distributed system for preventing replay attack", in which a gateway server and the working servers behind it cooperate to defend against replay attacks. The basic process is: the client sends an authentication request to the server side, one host selected from the working server cluster issues a verification code, the client sends the formal request after obtaining the verification code, and the gateway and the working server then verify the verification code, thereby preventing replay attacks.

In an enterprise, filtering and intercepting replay attacks is best done in the access gateway and security gateway products. These gateway products have their own core services to support, so while defending against replay attacks the reliability and availability of the gateway must be preserved as far as possible and the resource consumption of the defense kept low, in order to guarantee the quality of the core services.

The above technical solutions can solve the replay attack problem in some contexts, but they also have corresponding deficiencies:

1. When the "timestamp" is taken as the freshness factor, a request may be misjudged as a replay attack because of a clock difference between client and server.

2. When request differences are analyzed through the client's random number, serial number or version number, an authentication exchange has to be completed before each request between client and server in order to obtain the related verification code, which increases the interaction frequency. The approach also places high demands on the design and implementation of the client and has low practicability. The verification code described in patent CN201610835562.7 is a variation of the random number, and it likewise increases the interaction frequency and reduces system efficiency.

3. When message characteristic information is analyzed and stored, a large amount of storage space is needed to keep the characteristic information of historical requests, and the deployment cost is high.

Disclosure of Invention

In view of these problems, the invention provides a replay attack resisting method and system based on a one-time secret key. The client marks itself with a unique terminal identification during registration, which reduces the access cost and removes the cumbersome process of issuing version information. Parameter information is synchronized through the mutual authentication of client and server, so that after a single authentication no parameter synchronization is needed in the subsequent process. Replay attacks are checked through the change in the number of digest iterations, which improves the unguessability of the information. The main encryption calculation is completed by the client, and for each request the server only needs to calculate the decrement step number of iterations to complete the replay attack check, which keeps the gateway's computation minimal and ensures the stability of the gateway's core services.

In order to achieve the above object, the present invention provides a replay attack resisting method based on a one-time key, including:

a client initializes and generates a unique terminal identification, and sends a registration authentication request to a server according to the unique terminal identification to obtain seed information and initialization calculation times returned by the server;

the client calculates to obtain the Token information of the client according to the unique terminal identifier, the seed information and the initialization calculation times, and performs descending operation on the initialization calculation times;

the client sends the unique terminal identification and the client Token information to the server, the server calculates according to the seed information and the initialization calculation times to obtain server Token information, the client Token information and the server Token information are compared, if the client Token information and the server Token information are consistent, the authentication is successful, and if the client Token information and the server Token information are not consistent, the authentication is failed;

before the client sends the service request to the server, calculating Token information of the current service request by the decreased calculation times, and simultaneously performing the decreasing operation of the calculation times again;

after receiving the service request, the server performs secondary calculation on the Token information of the current service request according to the descending steps to obtain New Token information;

and comparing whether the New Token information is consistent with the server Token information, if so, determining that the current service request is legal, otherwise, determining that the current service request is illegal.

In the above technical solution, preferably, the replay attack resisting method based on the one-time key further includes:

when the initialization calculation times are decreased to only one time, the client calculates the Token information of the current service request according to the current calculation times, and calculates the AuthticateToken information according to the sum of the current seed information and the decreasing steps, the unique terminal identification and the current latest timestamp;

when a service request is carried out according to the last calculation times, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server;

after judging that the current service request is legal, the server calculates according to the sum of the stored seed information and the descending step, the unique terminal identification and the current latest timestamp to obtain AuthticateToken_server information;

if the AuthticateToken information is consistent with the AuthticateToken_server information, the secondary authentication is passed, and the initialization operation times are reset;

and updating the Token information of the last service request of the service end into the AuthticateToken information.

In the above technical solution, preferably, the specific process of calculating, by the client, the Token information of the client according to the unique terminal identifier, the seed information, and the initialization calculation times includes:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, UUID is the unique terminal identification, seed is the seed information, N is the initialization calculation times, and Hash() is an irreversible digest algorithm function.

In the above technical solution, preferably, the specific process of calculating, by the server, the server Token information according to the seed information and the number of initialization calculations includes:

$$\text{server Token} = \mathrm{Hash}(\text{UUID}, \text{timestamp}, \text{seed})^{N}$$

Here, timestamp is the timestamp of the moment the client sends the registration authentication request to the server, and seed is the seed information returned by the server to the client in the registration process;

after the server successfully authenticates the client, the server stores the server Token information as the initial Token and executes the decrement operation N-- on the initialization calculation times, i.e., the decrement step.

In the above technical solution, preferably, before sending the service request to the server, the client calculates Token information of the current service request by the decreased number of calculations, and performs the decreasing operation of the number of calculations again, and the specific process includes:

when the client needs to send a service request, calculating the Token information of the current service request according to the calculation times after executing the decreasing operation in the registration authentication process, wherein the calculation process is as follows:

$$\text{token} = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, N is the calculation times remaining after the decrement operation executed in the registration authentication process;

after the calculation is completed, the decrement operation N-- is performed again on the current calculation times, i.e., the decrement step.

In the foregoing technical solution, preferably, after receiving the service request, the specific process of performing secondary calculation on Token information of the current service request according to descending steps to obtain new Token information includes:

the server analyzes the Token information of the current service request and the unique terminal identification according to the received service request;

the server performs secondary calculation on the Token information of the current service request to obtain NewToken, and the calculation process is as follows:

$$\text{NewToken} = \mathrm{Hash}(\text{Token})^{\text{decreasing step}}$$

Here, the number of times Hash() is executed on the Token information of the current service request received from the client equals the decrement step of the decrement operation.
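The token chain described above, from registration through the per-request replay check, can be sketched as follows. This is an added example, not code from the patent: SHA-256 as Hash(), a timestamp fixed at registration time, and the server replacing its stored Token with each accepted Token are assumptions, as are all class and function names.

```python
import hashlib
import hmac
import secrets
import time
import uuid


def hash_n(data: bytes, n: int) -> bytes:
    """Hash(data)^n in the page's notation: apply the digest n times."""
    for _ in range(n):
        data = hashlib.sha256(data).digest()  # SHA-256 is an assumption
    return data


def material(uid: str, ts: str, seed: str) -> bytes:
    """UUID + timestamp + seed, concatenated as in the Token formula."""
    return (uid + ts + seed).encode()


class Server:
    def __init__(self, n_init: int = 5):
        self.n_init = n_init          # initialization calculation times N
        self.sessions = {}            # UUID -> {"seed": ..., "token": ...}

    def register(self, uid: str):
        """Registration: return seed information and N to the client."""
        seed = secrets.token_hex(16)
        self.sessions[uid] = {"seed": seed, "token": None}
        return seed, self.n_init

    def authenticate(self, uid: str, ts: str, client_token: bytes) -> bool:
        """Compare client Token with server Token = Hash(UUID, ts, seed)^N."""
        s = self.sessions.get(uid)
        if s is None:
            return False
        expected = hash_n(material(uid, ts, s["seed"]), self.n_init)
        if not hmac.compare_digest(expected, client_token):
            return False
        s["token"] = expected         # stored as the initial Token
        return True

    def check_request(self, uid: str, token: bytes, step: int = 1) -> bool:
        """NewToken = Hash(Token)^step must equal the stored Token."""
        s = self.sessions.get(uid)
        if s is None or s["token"] is None:
            return False
        new_token = hash_n(token, step)
        if not hmac.compare_digest(new_token, s["token"]):
            return False              # replayed or forged request
        s["token"] = token            # assumption: accepted Token becomes the stored one
        return True


class Client:
    def __init__(self):
        self.uid = str(uuid.uuid4())  # unique terminal identification

    def register(self, server: Server) -> None:
        self.seed, self.n = server.register(self.uid)
        self.ts = str(int(time.time()))  # assumption: fixed for the whole chain

    def next_token(self) -> bytes:
        """Token = Hash(UUID + ts + seed)^N, then N--."""
        if self.n < 1:
            raise RuntimeError("calculation times exhausted; re-authentication required")
        token = hash_n(material(self.uid, self.ts, self.seed), self.n)
        self.n -= 1
        return token


def demo():
    server, client = Server(n_init=5), Client()
    client.register(server)
    authed = server.authenticate(client.uid, client.ts, client.next_token())
    t1 = client.next_token()
    first = server.check_request(client.uid, t1)     # fresh request
    replay = server.check_request(client.uid, t1)    # same Token sent again
    second = server.check_request(client.uid, client.next_token())
    return authed, first, replay, second


if __name__ == "__main__":
    print(demo())
```

A captured Token fails on resend because the stored value has already moved one step down the chain, and deriving the next valid Token from a captured one would require inverting the digest.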

The invention also provides a system for defending the replay attack based on the disposable key, which applies the method for defending the replay attack based on the disposable key provided by any one of the technical schemes, wherein, the client comprises a client initialization module, a client Token calculation module and a request module, and the server comprises a registration authentication module and an attack verification module;

the client initialization module is used for initializing and generating a unique terminal identifier, and the request module is used for sending a registration authentication request to the registration authentication module according to the unique terminal identifier and receiving seed information and initialization calculation times returned by the registration authentication module;

the client Token calculation module is used for calculating to obtain client Token information according to the unique terminal identifier, the seed information and the initialization calculation times, and performing decrement operation on the initialization calculation times;

the request module is used for sending the unique terminal identification and the client Token information to the server, the registration authentication module is used for calculating according to the seed information and the initialization calculation times to obtain the server Token information, comparing the client Token information with the server Token information, if the client Token information is consistent with the server Token information, the authentication is successful, otherwise the authentication is failed;

before the request module of the client sends a service request to the server, the Token calculation module of the client is used for calculating Token information of the current service request by the decreased calculation times and performing the decreasing operation of the calculation times again;

after the service end receives the service request, the attack checking module is used for carrying out secondary calculation on the Token information of the current service request according to the descending step to obtain New Token information;

the attack checking module is further configured to compare whether the NewToken information is consistent with the server Token information, if so, the current service request is legal, otherwise, the current service request is an illegal request.

In the above technical solution, preferably, the server further includes a server parameter updating module;

when the initialization calculation times are decreased to only one time, the client Token calculation module is used for calculating Token information of the current service request according to the current calculation times, and obtaining AuthticateToken information by calculation according to the sum of the current seed information and the decreasing steps, the unique terminal identification and the current latest timestamp;

when the request module carries out service request according to the last calculation times, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server;

after the attack checking module judges that the current service request is legal, the server-side parameter updating module is used for calculating according to the sum of the stored seed information and the descending step, the unique terminal identification and the current latest timestamp to obtain AuthticateToken_server information;

the server-side parameter updating module is also used for comparing the AuthticateToken information with the AuthticateToken_server information; if the two are consistent, the secondary authentication is passed, the initialization operation times are reset, and the Token information of the last service request of the service end is updated to the AuthticateToken information.

In the above technical solution, preferably, the specific method for obtaining the Token information of the client by the client Token calculation module in the registration authentication process includes:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Here, UUID is the unique terminal identification, seed is the seed information, N is the initialization calculation times, and Hash() is an irreversible digest algorithm function;

in the service request process, the specific method for calculating the Token information of the current service request comprises the following steps:

$$\text{token} = \mathrm{Hash}(\text{UUID} + \text{current timestamp} + \text{seed})^{N}$$

Wherein, N is the number of times of calculation after executing the decrement operation.

In the above technical solution, preferably, the specific process of the attack verification module performing secondary calculation on the Token information of the current service request according to the decreasing step to obtain the new Token information is as follows:

$$\text{NewToken} = \mathrm{Hash}(\text{Token})^{\text{decreasing step}}$$

Here, the number of times Hash() is executed on the Token information of the current service request received from the client equals the decrement step of the decrement operation.

Compared with the prior art, the invention has the following beneficial effects. The client marks itself with a unique terminal identification during registration, which reduces the access cost and removes the cumbersome process of issuing version information. Parameter information is synchronized through the mutual authentication of client and server, so a single authentication takes care of parameter synchronization for the later process. Replay attacks are checked through the change in the number of digest iterations, which improves the unguessability of the information. The main encryption calculation is completed by the client, and for each request the server only needs to perform the decrement step number of operations to complete the replay attack check, which keeps the gateway's computation minimal and ensures the stability of the gateway's core services.

Drawings

FIG. 1 is a flowchart illustrating a replay attack resisting method based on a one-time key according to an embodiment of the present invention;

FIG. 2 is a schematic flowchart illustrating mutual authentication between a client and a server according to an embodiment of the present invention;

FIG. 3 is a flow chart illustrating verification of replay attacks in a service request according to an embodiment of the present invention;

FIG. 4 is a block diagram of a system for defending against replay attacks based on one-time keys according to an embodiment of the present invention;

fig. 5 is a schematic application architecture diagram of a system for defending against replay attacks based on a one-time key according to an embodiment of the present invention.

In the drawings, the correspondence between each component and the reference numeral is:

11. the system comprises a client initialization module, 12 a client Token calculation module, 13 a request module, 21 a registration authentication module, 22 an attack verification module, 23 a server parameter updating module.

Detailed Description

In order to make the objects, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are some, but not all, embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without any inventive step based on the embodiments of the present invention, are within the scope of the present invention.

The invention is described in further detail below with reference to the attached drawing figures:

As shown in FIG. 1 and FIG. 2, a replay attack resisting method based on a one-time key according to the present invention includes:

the client initializes and generates a unique terminal identifier, and sends a registration authentication request to the server according to the unique terminal identifier to obtain the seed information and the initialization calculation times returned by the server;

the client calculates the client Token information according to the unique terminal identifier, the seed information and the initialization calculation times, and performs the decrement operation on the initialization calculation times;

the client sends the unique terminal identifier and the client Token information to the server, the server calculates the server Token information according to the seed information and the initialization calculation times, and the client Token information is compared with the server Token information; if they are consistent, the authentication succeeds, otherwise the authentication fails;

before sending a service request to the server, the client calculates the Token information of the current service request with the calculation times left after the decrement, and performs the decrement operation on the calculation times again;

after receiving the service request, the server performs a secondary calculation on the Token information of the current service request according to the decreasing step to obtain the NewToken information;

the NewToken information is compared with the server Token information; if they are consistent, the current service request is judged to be legal, otherwise it is judged to be illegal.

In this embodiment, the client marks itself with a unique terminal identifier during registration, which reduces the access cost and removes the complicated process of issuing version information. Parameter information is synchronized through the mutual authentication process between the client and the server, and this one-time authentication ensures that no parameter synchronization is needed in the later process. Replay attacks are checked through the change in the number of digest operations, which improves the unpredictability of the information. The main encryption calculation is completed by the client, and for each request the server completes the replay attack check with only decreasing-step Hash calculations, which guarantees the minimum calculation amount for the gateway and the stability of the gateway's core services.

Specifically, in the replay attack resisting method, three stages are divided: an initialization preparation phase, a use phase and an update phase.

Wherein the initialization preparation phase comprises:

1. client initialization;

2. authentication parameter initialization;

3. information verification.

Use phase (the phase in which protection against replay attacks takes effect):

After authentication and initialization succeed, the subsequent use phase comprises two parts: Token calculation by the client and verification by the server.

Parameter update phase (the one-time key uses N Hash operations, so N needs to be reset):

The seed is authenticated and updated in preparation for a new round of protection against replay attacks.

Since requests that need protection against replay attacks may come from a WEB request or from a server request of a third-party application, the whole interaction process of the one-time-key-based replay attack resisting method is described below taking the WEB request as an example.

1. WEB initialization process. Because WEB terminal environments and application versions differ widely, and in order to simplify the access process for WEB applications, the WEB application generates a self-defined unique terminal identifier during system initialization (e.g. during the first page load). The unique terminal identifier can be produced in any agreed random manner: it can be a UUID generated by JS, or information such as a terminal name, a MAC address or an IP address can be used.

After generating the unique identifier of the current terminal (if one terminal opens multiple browsers, multiple unique terminal identifiers may be generated), the portal page stores it in the browser's LocalStorage or Cookie for use in subsequent authentication and requests.

Exemplary (non-limiting) code for generating the UUID is as follows:

2. Authentication and parameter initialization process (the main responsibility of the replay attack authentication module).

First step of authentication: synchronizing parameter information

After the unique terminal identifier is generated, the authentication request is made through the authentication interface provided by the gateway. The specific access parameters are as follows:

In the authentication process, the server judges whether the timestamp falls within a reasonable range. If it does, the following information is recorded and persisted to a database: the client's unique identifier UUID, the current timestamp, the issued seed information and the initialization calculation times.

Second step of authentication: initializing the Token information and executing the decrement operation on the initialization calculation times

In this process, the client calculates the client Token information from the unique terminal identifier, the seed information and the initialization calculation times as follows:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp} + \text{seed})$$

The UUID is the unique terminal identifier, seed is the seed information, N is the initialization calculation times, that is, the number of Hash calculations that the server issues to the client during initialization, and Hash() is an irreversible digest algorithm function, such as Md5, Md3, Sha1, and the like. At the same time, the decrement operation is performed on N. With a decreasing step of 1, the decrement rule is:

N-=1

The generated UUID, the seed information Seed and the remaining calculation times N are stored on the client, for example in LocalStorage or a Cookie.

Third step of authentication: information verification

The client sends the UUID and the Token information to the server. The server calculates its own Token from the stored registration information and compares the client Token with the result. If they are consistent, the authentication is complete; otherwise the authentication fails and registration must be carried out again. The server calculates the server Token information from the seed information and the initialization calculation times as follows:

$$\text{server Token} = \mathrm{Hash}^{N}(\text{UUID}, \text{timestamp}, \text{seed})$$

The timestamp is the timestamp at which the client sent the registration authentication request to the server, and seed is the seed information returned by the server to the client during registration.

After the server successfully authenticates the client, it stores the server Token information as the initial Token and executes the decrement operation on the initialization calculation times N by the decreasing step (that is, it decrements the remaining times). The information recorded by the server at this time is as follows:

Depending on the efficiency requirements, the above information is either persisted directly in the database or stored in a cache, where the Key is the UUID and the Value is the serialized Object.

In the above embodiment, the WEB request process in the use phase is divided into two parts: the client request process and the server calculation process.

Before sending a service request to the server, the client calculates the Token information of the current service request using the calculation times left after the decrement operation in the registration authentication process, and then performs the decrement operation on the calculation times again. The specific process is:

$$\mathrm{Token} = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp} + \text{seed})$$

Wherein N is the calculation times after the decrement operation executed in the registration authentication process.

After the calculation is completed, the decrement operation is performed again on the current calculation times N, by the decreasing step.

The results are then set in the Http Header of the request, or in a Cookie, for example:

Http_AntiReplay=Token

UUID=UUID

After receiving the service request, the server performs the secondary calculation on the Token information of the current service request according to the decreasing step to obtain the NewToken information. The specific process is:

The server parses the Token and the UUID from the Header or Cookie information in the received service request message. If the relevant information is parsed, it proceeds to the next step; otherwise it directly returns an Http 4XX error.

The server performs the secondary calculation on the Token of the current service request sent by the client:

$$\mathrm{NewToken} = \mathrm{Hash}^{\text{decreasing step}}(\mathrm{Token})$$

The NewToken value is compared with the Token value of the last request stored in the server's record for this UUID. If they are consistent, the request is considered legal; otherwise it is an illegal request.

If the request is legal, the subsequent service processing proceeds normally; at the same time the server decrements its "remaining times" and waits for the next request.
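The registration, authentication and per-request check described above, as an added Python example that is not code from the patent. It assumes SHA-256 as Hash(), a decreasing step of 1, plain string concatenation for "+", that the timestamp inside every Token is the registration timestamp held by both sides (otherwise Hash(Token) could not reproduce the stored value), and that the server keeps each accepted Token as the reference for the next request; the class names, function names and sample values are constructed for illustration.

```python
import hashlib
import hmac
import uuid

STEP = 1  # decreasing step, as in the text (N -= 1)


def hash_n(data: bytes, n: int) -> bytes:
    """Hash^n(data): apply Hash() n times. SHA-256 is this example's choice."""
    for _ in range(n):
        data = hashlib.sha256(data).digest()
    return data


class Client:
    def __init__(self, uid: str, timestamp: str):
        self.uid, self.ts = uid, timestamp
        self.seed, self.n = "", 0      # filled in from the registration reply

    def next_token(self) -> bytes:
        # Token = Hash^N(UUID + timestamp + seed), then N -= step.
        # Assumption: ts is the registration timestamp, fixed for the round.
        token = hash_n((self.uid + self.ts + self.seed).encode(), self.n)
        self.n -= STEP
        return token


class Server:
    def __init__(self):
        self.records = {}              # Key = UUID, Value = per-client record

    def register(self, uid, timestamp, seed, n):
        # Step 1: persist UUID, timestamp, issued seed and initial count N.
        self.records[uid] = {"ts": timestamp, "seed": seed, "n": n, "token": None}
        return seed, n

    def authenticate(self, uid, client_token: bytes) -> bool:
        # Step 3: recompute the server Token and compare in constant time.
        rec = self.records.get(uid)
        if rec is None:
            return False
        expected = hash_n((uid + rec["ts"] + rec["seed"]).encode(), rec["n"])
        if not hmac.compare_digest(expected, client_token):
            return False
        rec["token"] = expected        # stored as the initial Token
        rec["n"] -= STEP
        return True

    def verify_request(self, uid, token: bytes) -> bool:
        rec = self.records.get(uid)
        if rec is None or rec["token"] is None or rec["n"] < STEP:
            return False               # unknown client or exhausted round
        new_token = hash_n(token, STEP)          # NewToken = Hash^step(Token)
        if not hmac.compare_digest(new_token, rec["token"]):
            return False               # replayed, forged or out-of-order Token
        rec["token"] = token           # reference for the next request
        rec["n"] -= STEP               # decrement the "remaining times"
        return True


def demo():
    server, client = Server(), Client(str(uuid.uuid4()), "1626336000")
    client.seed, client.n = server.register(client.uid, client.ts,
                                            "constructed-seed", 5)
    auth_ok = server.authenticate(client.uid, client.next_token())
    t1 = client.next_token()
    first = server.verify_request(client.uid, t1)
    replayed = server.verify_request(client.uid, t1)   # same Token again
    second = server.verify_request(client.uid, client.next_token())
    return auth_ok, first, replayed, second


if __name__ == "__main__":
    print(demo())
```

A rejected Token leaves the server record unchanged, so the client's next genuine Token still verifies, as the last value returned by `demo()` shows.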

In the above embodiment, preferably, the one-time-key-based replay attack resisting method further includes a parameter updating process. The WEB terminal needs the update process mainly because the calculation times decrease gradually until the value is less than or equal to the decreasing step, at which point the Token value for the next request can no longer be calculated. Therefore, when the client's N has decreased so far that only one more decrement can be performed, the client is required to complete the secondary authentication together with the last request of the round.

When the initialization calculation times have decreased to only one remaining time, the client calculates the Token information of the current service request with the current calculation times, and calculates the AuthticateToken information from the sum of the current seed information and the decreasing step, the unique terminal identifier and the current latest timestamp. The specific process is:

$$\mathrm{Token} = \mathrm{Hash}^{1}(\text{UUID} + \text{current timestamp} + \text{seed})$$

$$\mathrm{AuthticateToken} = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp (new)} + \text{newSeed})$$

Wherein current timestamp (new) is the current latest timestamp and newSeed is the incremented current seed, calculated as:

$$\text{newSeed} = \text{seed} + \text{decreasing step}$$

When the service request is made with the last calculation time, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server together. The Token information is used to check the last request for replay attack, the AuthticateToken information is used by the server for comparison, and current timestamp (new) is used by the server to check the legality of the AuthticateToken.

After judging that the current service request is legal, the server calculates the AuthticateToken_server information from the sum of the stored seed information and the decreasing step, the unique terminal identifier and the current latest timestamp:

$$\mathrm{AuthticateToken\_server} = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp (new)} + \text{Seed\_server})$$

Seed_server is obtained by incrementing the seed stored by the server, namely: Seed_server = seed stored by the server + decreasing step.

Finally, the server compares the AuthticateToken_server information with the AuthticateToken information. If they are consistent, the secondary authentication passes and the initialization calculation times are reset.

The Token information of the last service request held by the server is then updated to the AuthticateToken information, for comparison with the next request.

In the above embodiment, the method is described taking a WEB page as an example. For a third-party application, the UUID and Seed may be issued in the same way as for the WEB, or an administrator may maintain them on the gateway (server) in advance as needed and then maintain and configure them offline on the third-party application's server.

In the method, the freshness of each request in the communication process is ensured by means of a one-time password/token, which achieves the aim of resisting replay attacks. The concrete effects are as follows:

1. Combining this with the decreasing Hash or asymmetric encryption completes the non-guessability of the information, thereby improving system security.

2. Providing two access modes, browser and application server, improves the practicability of the gateway in replay attack resisting scenarios.

3. The decreasing Hash or asymmetric encryption reduces the number of interactions needed to keep information synchronized between the client and the gateway, and also reduces the amount of data that the client and the gateway must persist. This improves the interaction efficiency of the whole system under replay attack protection, reduces communication overhead, and makes the method more suitable for practical deployment and for transaction-intensive systems.

The invention also provides a system for defending the replay attack based on the one-time key, which is applied to the method for defending the replay attack based on the one-time key, wherein the client comprises a client initialization module 11, a client Token calculation module 12 and a request module 13, and the server comprises a registration authentication module 21 and an attack verification module 22;

the client initialization module 11 is configured to initialize and generate a unique terminal identifier, and the request module 13 is configured to send a registration authentication request to the registration authentication module 21 according to the unique terminal identifier, and receive seed information and initialization calculation times returned by the registration authentication module 21;

the client Token calculation module 12 is configured to calculate to obtain client Token information according to the unique terminal identifier, the seed information, and the initialization calculation times, and perform a decremental operation on the initialization calculation times;

the request module 13 is configured to send the unique terminal identifier and the Token information of the client to the server, and the registration authentication module 21 is configured to calculate the Token information of the server according to the seed information and the initialization calculation times, compare the Token information of the client with the Token information of the server, and if the Token information of the client is consistent with the Token information of the server, authenticate successfully, otherwise, authenticate unsuccessfully;

before the request module 13 of the client sends the service request to the server, the Token calculation module 12 of the client is configured to calculate Token information of the current service request by the decreased calculation times, and perform the decreasing operation of the calculation times again;

after the server receives the service request, the attack verification module 22 is configured to perform secondary calculation on the Token information of the current service request according to the decreasing step to obtain NewToken information;

the attack verification module 22 is further configured to compare whether the NewToken information is consistent with the server Token information; if so, the current service request is legal, otherwise the current service request is an illegal request.

In the above embodiment, preferably, the server further includes a server parameter updating module 23;

when the initialization calculation times have decreased to only one remaining time, the client Token calculation module 12 is configured to calculate the Token information of the current service request according to the current calculation times, and to calculate the AuthticateToken information from the sum of the current seed information and the decreasing step, the unique terminal identifier and the current latest timestamp;

when the request module 13 makes the service request with the last calculation time, the Token information of the current service request, the AuthticateToken information and the current latest timestamp are sent to the server;

after the attack verification module 22 determines that the current service request is legal, the server parameter updating module 23 is configured to calculate the AuthticateToken_server information from the sum of the stored seed information and the decreasing step, the unique terminal identifier and the current latest timestamp;

the server parameter updating module 23 is further configured to compare the AuthticateToken information with the AuthticateToken_server information; if they are consistent, the secondary authentication passes, the initialization calculation times are reset, and the Token information of the last service request held by the server is updated to the AuthticateToken information.

In the foregoing embodiment, preferably, in the registration authentication process, the client Token calculation module 12 calculates the client Token information as follows:

$$\text{client Token} = \mathrm{Func}(\text{UUID}, \text{current timestamp}, \text{seed}) = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp} + \text{seed})$$

The UUID is the unique terminal identifier, seed is the seed information, N is the initialization calculation times, and Hash() is an irreversible digest algorithm function.

In the service request process, the Token information of the current service request is calculated as follows:

$$\mathrm{Token} = \mathrm{Hash}^{N}(\text{UUID} + \text{current timestamp} + \text{seed})$$

Wherein N is the calculation times after the decrement operation has been executed.

In the foregoing embodiment, preferably, the attack verification module 22 performs the secondary calculation on the Token information of the current service request according to the decreasing step to obtain the NewToken information as follows:

$$\mathrm{NewToken} = \mathrm{Hash}^{\text{decreasing step}}(\mathrm{Token})$$

That is, Hash() is applied to the Token information received in the current service request a number of times equal to the decreasing step of the decrement operation.

In this system, the implementation of each module function corresponds to each step in the replay attack resisting method in the above embodiment, and is not described herein again.

The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, and various modifications and changes will occur to those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.
