| 一种基于ECC的一次性口令身份认证方案 |
| |
| 引用本文: | 陈恳,彭代渊,鲁荣波.一种基于ECC的一次性口令身份认证方案[J].微机发展,2005,15(5):40-42. |
| |
| 作者姓名: | 陈恳 彭代渊 鲁荣波 |
| |
| 作者单位: | 西南交通大学计算机与通信工程学院 四川成都610031
(陈恳,彭代渊),西南交通大学计算机与通信工程学院 四川成都610031(鲁荣波) |
| |
| 基金项目: | 湖南省教育厅科研基金资助项目(03c327) |
| |
| 摘 要: | 身份认证机制是网络安全的第一道防线,一次性口令(OTP)技术是不需要第三方参与的身份认证技术,但其本身存在安全漏洞。介绍了一次性口令认证技术的原理,并分析了S/Key一次性口令系统不能抵御冒充攻击以及存在小数攻击等局限性。基于ECC密码体制,对现有的一次性口令系统进行了改进,提出一种可以进行双向认证的一次性口令认证方案。此方案能够进行双向的身份验证,有效地防止了冒充攻击、重放攻击和小数攻击,从而提高了认证系统的安全性。
|
| 关 键 词: | ECC密码体制 认证 一次性口令 |
| 文章编号: | 1005-3751(2005)05-0040-03 |
| 修稿时间: | 2004年8月30日 |
A Scheme of One - Time Password Authentication Based on ECC |
| |
| CHEN Ken,PENG Dai-yuan,LU Rong-bo.A Scheme of One - Time Password Authentication Based on ECC[J].Microcomputer Development,2005,15(5):40-42. |
| |
| Authors: | CHEN Ken PENG Dai-yuan LU Rong-bo |
| |
| Abstract: | Identity authentication is the first line of defense of network security. One-time password (OTP) technology is concerned with no third, but it has security flaws. OTP theory is introduced in this paper. And its disadvantages like that can't resist imitate attack or decimal fraction attack are analyzed. With improvement of OTP technology, a scheme of OTP authentication based on ECC (elliptic curve cryptography) is proposed, which offers two-way identity authentication. This two-way identity authentication scheme effectively prevents imitate attack, replay attack and decimal fraction attack. And the security of authentication system is enhanced. |
| |
| Keywords: | ECC authentication one-time password |
| 本文献已被 CNKI 维普 等数据库收录! |
|
