Authentication Implementation (Sun GlassFish Mobility Platform 1.1 Developer's Guide for Client Applications)

Sun GlassFish Mobility Platform 1.1 Developer's Guide for Client Applications

Authentication Implementation

Let:

	S = alphanumeric secret (random key sequence entered exactly once by user)
	S' = md5sum( S )

	P = alphanumeric PIN (entered by user every time)
	P' = md5sum( P )

	cipherText = encrypt( S, P' )

	persist { S', cipherText } on the device

Upon subsequent logins:

	P = PIN
	P' = md5sum( P )
	plainText = decrypt( cipherText, P' )

	if ( md5sum( plainText ) == S' )
		success
	else
		failure