关键词: 身份认证, 一次性口令, Ｈａｓｈ函数

Abstract: With the constant development of the internet and ecommerce， people have an increasing demand for the online shopping and payment , therefore, the simple and easy-to-use static password authen-tication technology can't meet the current network application system due to its safely defects. So, the industry has put forward the one-time password authentication technology which is also known as the dynam-ic password technology. Although the biometric identification lechnology , such as the fingerprint identifi-cation，etc. , has been widely used，it can't completely replace the dynamic password technology due toits high requirements for the terminal equipment and high cost ,elc. In view of this situation ， this paper puts forward a kind of one-time dynamic password algorithm based on java language，from the perspec-tives of the safety and energy consumption，using HmacSHAl algorithm for encryption to realize the mulual authentication between lwo communication sides，which can withstand impersonation alanck s. "Hnemulti-platform experiment shows that the scheme is high security with strong portability. lt doesn't require third-party plugins，and has the advantages of low energy consumption and high execution efficiency.The technology is suitable for the identity authentication of the mobile commerce and can be applied to the mobile equipment of the smartphone，etc.

Key words: ｉｄｅｎｔｉｔｙ ａｕｔｈｅｎｔｉｃａｔｉｏｎ, ｏｎｅ-ｔｉｍｅ ｐａｓｓｗｏｒｄ, Ｈａｓｈ ｆｕｎｃｔｉｏｎ