| 改进的抵抗离线字典攻击的口令更新协议 |
| |
| 引用本文: | 罗璇,曹天杰.改进的抵抗离线字典攻击的口令更新协议[J].计算机工程与应用,2009,45(25):118-120. |
| |
| 作者姓名: | 罗璇 曹天杰 |
| |
| 作者单位: | 中国矿业大学(南湖校区) 计算机科学与技术学院,江苏 徐州 221116 |
| |
| 基金项目: | 江苏省自然科学基金,中国矿业大学科技基金,移动通信国家重点实验室开放研究基金 |
| |
| 摘 要: | 口令认证是最简单,方便和应用最广泛的一种用户认证方式。最近,Tsaur等人指出了Chang等人的口令更新协议存在拒绝服务攻击并且不能提供口令的后向安全。随后,他们给出了一种改进的口令更新协议,并声称该协议是安全的。文中,分析了Tsaur等人的口令更新协议,指出了其方案是易受离线字典攻击的,且不能提供口令的前向和后向安全性。最后,提出一种改进的口令更新协议,并分析其安全性。
|
| 关 键 词: | 认证 口令更新 离线字典攻击 前向安全 后向安全 |
| 收稿时间: | 2009-4-27 |
| 修稿时间: | 2009-6-8
|
Improved against off-line dictionary attack password change protocol |
| |
| LUO Xuan,CAO Tian-jie.Improved against off-line dictionary attack password change protocol[J].Computer Engineering and Applications,2009,45(25):118-120. |
| |
| Authors: | LUO Xuan CAO Tian-jie |
| |
| Affiliation: | School of Computer,Nanhu,China University of Mining and Technology,Xuzhou,Jiangsu 221116,China |
| |
| Abstract: | Password authentication is the simplest,most convenient and most widely used means of authentication.Recently,Tsaur and some others point out that the password change protocol which is presented by Chang presents the denial-of-service attacks and cannot provide backward secrecy.Then,they present an improved password change mechanism which is claimed to be secure.Their protocol is analysed to show that their improved password change mechanism fails to against the off-line dictionary attack and cannot provide... |
| |
| Keywords: | authentication password change off-line dictionary attacks forward secrecy backward secrecy |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程与应用》浏览原始摘要信息 |
|
点击此处可从《计算机工程与应用》下载全文 |
