| 对一种身份认证协议的改进及其形式化分析① |
| |
| 引用本文: | 何丽,王立斌.对一种身份认证协议的改进及其形式化分析①[J].计算机系统应用,2010,19(5):47-49. |
| |
| 作者姓名: | 何丽 王立斌 |
| |
| 作者单位: | 华南师范大学 计算机学院 广东 广州 510631 |
| |
| 摘 要: | 基于口令的远程身份认证协议是目前认证协议研究的热点。2005年,Sung-Woon Lee等人提出了一个低开销的基于随机数的远程身份认证协议即Lee-Kim-Yoo协议,首先分析了此协议中所存在的安全性缺陷,随后构造了一个基于随机数和Hash函数,并使用智能卡的远程身份认证协议,最后用BAN逻辑对修改后的协议进行了形式化的分析,结果表明修改后的协议能够达到协议的安全目标。
|
| 关 键 词: | 认证协议 拒绝服务攻击 BAN逻辑 形式化分析 |
Formal Verification and Improvement of an Authentication Protocol |
| |
| HE Li and WANG Li-Bin.Formal Verification and Improvement of an Authentication Protocol[J].Computer Systems& Applications,2010,19(5):47-49. |
| |
| Authors: | HE Li and WANG Li-Bin |
| |
| Abstract: | Password-based remote user authentication is a hotspot in authentication protocol research. The security of a proposed remote user authentication scheme, the Lee-Kim-Yoo protocol, advanced by Sung-Woon Lee is analyzed, which used nonce random and had very low computational costs. However, this scheme still has many security faults. The weakness of the scheme is demonstrated. This paper proposes an improved scheme, a novel nonce and hash-based remote user authentication scheme using smart cards and analyses the amended protocol with BAN logic. It indicates that the amended protocol can reach the goal of the protocol. |
| |
| Keywords: | authentication protocol Dos attack BAN logic formal verification |
|
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
