共查询到20条相似文献,搜索用时 15 毫秒
1.
本文在广义ElGamal型签名方案上建立了许多口令鉴别方案,并且提出了文[1]的三个改进方案。利用这些方案,计算机系统不仅能监测和控制口令的使用,而且可以抗击许多对口令的伪造攻击。 相似文献
2.
于昇 《计算机工程与设计》2009,30(23)
研究在认证服务器拥有公私钥对和客户端有容易记忆的弱口令条件下,实现强认证和密钥交换的安全协议.对Wangr的方案进行了安全性分析,发现该协议不能抵抗许多种攻击方式.提出一种在不安全网络上集口令认证、口令更改和密钥建立的方案,通过对新方案与Hwang-Yeh方案、Peyravian-Zunic方案、Peyravian-Jeffries方案和Wang方案进行的安全性对比分析,分析结果表明新口令认证方案具有更高的安全性和实用性. 相似文献
3.
4.
融入混沌理论的一种OTP方案研究 总被引:1,自引:0,他引:1
身份认证中广泛使用了一次性口令机制。该文分析了一种一次性口令认证方案,指出了其存在的不足;将混沌理论中混沌序列的技术应用到一次性口令当中,提出了一种新的一次性口令方案,该方案实现了双向认证,并在认证时间和存储空间上的开销得到了优化,提高了认证的强度和安全性。 相似文献
5.
基于口令的盲签名方案 总被引:1,自引:0,他引:1
利用Chang-Liao口令认证方案建立了两个盲签名方案。利用这些方案,网络中的用户使用口令不但可以访问计算机系统,而且可以用口令计算有关信息的签名,这使得签名收方在验证签名有效性的同时,还可以确认签名者是否具有签名的合法资格。作者对这些方案的安全性和实际应用还做了详细的讨论和分析。 相似文献
6.
利用Chang-Liao口令认证方案建立了两个盲签名方案。利用这些方案,网络中的用户使用口令不但可以访问计算机系统,而且可以用口令计算有关信息的签名,这使得签名收方在验证签名有效性的同时,还可确认签名者是否具有签名的合法资格。 相似文献
7.
基于(r,n)门限的密钥恢复方案 总被引:1,自引:0,他引:1
随着计算机技术的普及发展,信息安全越来越受到重视,许多系统借助加密技术来保证信息在存储传输过程中的安全性,而密码系统中所使用的密钥或口令的安全性则成为系统的薄弱环节,密钥的丢失会给用户造成不必要的损失。文中介绍了一种应用(r,n)门限进行密钥恢复的新方案,该方案综合应用门限技术和因特网中广泛使用的回答问题认证模式来恢复丢失的密钥或口令。与传统密钥的恢复方案相比,具有较好的易用性和安全性。 相似文献
8.
Ku-Chien远程身份认证方案是一种使用智能卡、低开销、实用的口令认证方案。本文分析了Ku-Chien方案的安全性,指出了Ku-Chien方案的安全缺陷:不能抵御并行会话攻击和伪造主机攻击。分析了产生安全缺陷的原因:登陆阶段用户计算出的秘密信息和认证阶段远程主机计算出的秘密信息具有类似的结构。最后,利用口令更改计数器,给出了一种改进的口令认证方案。该方案允许用户自主选择并更改口令,实现了双向认证;能够抵御重放攻击、内部攻击,具备强安全修复性;能够抵御并行会话攻击和伪造远程主机攻击。 相似文献
9.
10.
一个简单有效的口令识别方案 总被引:2,自引:0,他引:2
基于口令的身份识别技术是分布式网络环境中使用最为广泛的一种技术,然而传统的口令识别技术容易受到字典攻击、重传攻击和拒绝服务攻击。针对Sandirigara等人提出的SAS协议,提出了一种简单有效的口令识别方案SEPA,该方案可以抵御字典攻击、重传攻击和服务器拒绝服务攻击,且计算负荷和通信负荷较小。 相似文献
11.
基于数字签名方案DSS/DSA的几种应用方案 总被引:21,自引:1,他引:20
随着计算机和网络通信技术的发展,数字签名技术得到了广泛的应用。文中以美国数字签名标准DSS/DSA为基础,设计了群体数字签名,数字签名的(t,n)共亨认证以及远程口令认证3种应用方案,即体数字允许多人分别签署同一份文件,然后所有的个体签名组成同一份群体签名。 相似文献
12.
13.
《国际计算机数学杂志》2012,89(4):657-666
Conventional password authentication schemes require password files or verification tables to validate the legitimacy of the login user. In addition, for remote access, these schemes cannot withstand an attack by replaying a previously intercepted login request. In this paper, we propose a remote password authentication scheme based on the digital signature methods. This scheme does not require the system to maintain a password file, and it can withstand attacks based on message replaying. 相似文献
14.
图形密码身份认证方案设计及其安全性分析 总被引:3,自引:1,他引:2
为了解决身份认证方案中口令的安全性和易记忆性的矛盾,针对传统的字符式口令的诸多缺点,提出了结合新型图形密码的身份认证参考方案.在图形密码设计原则下,依据基于识别型和基于记忆型的设计思想,提出图形密码身份认证参照方案,并将图形密码的安全性与文本密码进行比较,分析了图形密码的密钥空间和抵抗常见口令攻击的能力.经分析多数图形密码在易记忆性和安全性方面优于传统密码. 相似文献
15.
Kuo-Hui Yeh Author Vitae Chunhua Su Author Vitae 《Journal of Systems and Software》2010,83(12):2556-2565
With the rapid growth of electronic commerce and enormous demand from variants of Internet based applications, strong privacy protection and robust system security have become essential requirements for an authentication scheme or universal access control mechanism. In order to reduce implementation complexity and achieve computation efficiency, design issues for efficient and secure password based remote user authentication scheme have been extensively investigated by research community in these two decades. Recently, two well-designed password based authentication schemes using smart cards are introduced by Hsiang and Shih (2009) and Wang et al. (2009), respectively. Hsiang et al. proposed a static ID based authentication protocol and Wang et al. presented a dynamic ID based authentication scheme. The authors of both schemes claimed that their protocol delivers important security features and system functionalities, such as mutual authentication, data security, no verification table implementation, freedom on password selection, resistance against ID-theft attack, replay attack and insider attack, as well as computation efficiency. However, these two schemes still have much space for security enhancement. In this paper, we first demonstrate a series of vulnerabilities on these two schemes. Then, two enhanced protocols with corresponding remedies are proposed to eliminate all identified security flaws in both schemes. 相似文献
16.
Password authentication using public-key cryptography 总被引:1,自引:0,他引:1
Password authentication is one of the most common and elementary applications of encryption techniques, and when these authentication services are embedded into the underlying operating system, their security is usually assured. However, there are an increasing number of systems requiring authentication services which are layered on top of a host operating system. In these cases, the security of the application system is highly dependent on the security of the password file, and, when operating outside the host operating system, compromises of the password file need to be taken seriously. In this paper we propose three different password protection schemes which preserve system security even if the password file is compromised. These schemes are based on the concepts of public-key cryptography: public-key encryption, public-key distribution and quadratic residues. In each scheme the user's password is effectively bound to the user's identification, regardless of the state of the password file, in a time-efficient and simple manner. We discuss the special features, degree of secrecy, advantages and disadvantages for each scheme. 相似文献
17.
《Journal of Network and Computer Applications》2012,35(4):1235-1248
Remote user authentication is a mechanism, in which the remote server verifies the legitimacy of a user over an insecure communication channel. Until now, there have been ample of remote user authentication schemes published in the literature and each published scheme has its own merits and demerits. A common feature among most of the published schemes is that the user's identity (ID) is static in all the transaction sessions, which may leak some information about that user and can create risk of identity theft during the message transmission. To overcome this risk, many researchers have proposed dynamic ID based remote user authentication schemes. In this paper, we have defined all the security requirements and all the goals an ideal password authentication scheme should satisfy and achieve. We have presented the results of our survey through six of the currently available dynamic ID based remote user authentication schemes. All the schemes are vulnerable to guessing attack except Khan et al.'s scheme, and do not meet the goals such as session key agreement, secret key forward secrecy. In the future, we hope an ideal dynamic ID based password authentication scheme, which meets all the security requirements and achieves all the goals can be developed. 相似文献
18.
Guomin Yang Duncan S. Wong Huaxiong Wang Xiaotie Deng 《Journal of Computer and System Sciences》2008,74(7):1160-1172
One of the most commonly used two-factor user authentication mechanisms nowadays is based on smart-card and password. A scheme of this type is called a smart-card-based password authentication scheme. The core feature of such a scheme is to enforce two-factor authentication in the sense that the client must have the smart-card and know the password in order to gain access to the server. In this paper, we scrutinize the security requirements of this kind of schemes, and propose a new scheme and a generic construction framework for smart-card-based password authentication. We show that a secure password based key exchange protocol can be efficiently transformed to a smart-card-based password authentication scheme provided that there exist pseudorandom functions and target collision resistant hash functions. Our construction appears to be the first one with provable security. In addition, we show that two recently proposed schemes of this kind are insecure. 相似文献
19.
20.
随着计算机和网络通信技术的发展,数字签名技术得到了广泛的应用,本文以Guillou-Quisquater为基础设计了群体数字签名和零知识用户鉴别2种应用方案。群体数字签名允许多人分别签署同一份文件,然后所有的个体签名组成同一份群体签名,零知识用户鉴别可以让用户在不暴露自己的秘密信息的情况下进行身份验证。 相似文献