共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
在密钥分发协议中,一般都通过在参与协议的实体之间共享秘密来提供认证服务。因为用户倾向于选择容易记忆的口令,而这种弱口令容易遭受词典攻击,因此由用户选择的口令不应是共享秘密。在许多协议中,人们使用不同的方法来解决这个问题。提出了一个基于单向函数实现的密钥分发协议。安全分析表明,该协议可以防范词典攻击。 相似文献
3.
Kuo-Hui Yeh 《Wireless Personal Communications》2014,79(3):1621-1634
With the rapid growth of electronic commerce and demand on variants of Internet based applications, the system providing resources and business services often consists of many servers around the world. So far, a variety of authentication schemes have been published to achieve remote user authentication on multi-server communication environment. Recently, Pippal et al. proposed a multi-server based authentication protocol to pursue the system security and computation efficiency. Nevertheless, based on our analysis, the proposed scheme is insecure against user impersonation attack, server counterfeit attack, and man-in-the-middle attack. In this study, we first demonstrate how these malicious attacks can be invoked by an adversary. Then, a security enhanced authentication protocol is developed to eliminate all identified weaknesses. Meanwhile, the proposed protocol can achieve the same order of computation complexity as Pippal et al.’s protocol does. 相似文献
4.
提出了一种改进的基于口令的认证体制,该体制能够抵御C.K.Chan和L.M.Cheng提出的一种重放攻击。 相似文献
5.
A multi-server authentication scheme enables a remote user to access the services provided by multiple servers after registering with the registration center. Recently, Pippal et al. (Wirel Pers Commun 2013, doi:10.1007/s11277-013-1039-6) introduced a robust smart card authentication scheme for multi-server architecture. They also illustrated that their scheme could be free from potential network attacks, and validated the scheme by using BAN logic. In this paper, by presenting concrete attacks, we demonstrate that Pippal et al.’s scheme can not withstand off-line password guessing attacks, impersonation attacks and privileged insider attacks. Furthermore, to overcome these attacks, we propose an improved authentication scheme for multi-server architecture using smart card and password. Security and efficiency analysis indicates that our scheme not only actually achieves intended security goals (e.g., two-factor authentication, perfect forward secrecy etc.), but also is efficient enough to be implemented for practical applications. 相似文献
6.
7.
基于Harn签名方案的远距离通行字认证方案 总被引:20,自引:3,他引:17
本文首先利用Shamir的秘密共享方法将Chang-Liao通行字认证方案转变成(t,n)共享认证方案,从而使n个认证者中任意t个人能够认证通行字的正确性。其次提出了一个基于Harn数字签名方案的远距离通行字认证方案。 相似文献
8.
9.
Sudhakar T. Natarajan V. Gopinath M. Saranyadevi J. 《Wireless Personal Communications》2020,115(4):2779-2803
Wireless Personal Communications - In the past two decades, numerous two-factor authentication protocols have been proposed for the multi-server environment using a smart card and password. Sahoo... 相似文献
10.
FTP协议是一种简单易用的文件传输协议,应用十分广泛,但它以明文形式传输口令和文件,带有与生俱来的不安全性,随着网络的不断发展应用,FTP已成为政府机关和企事业单位传送信息的一种主要手段,以明文形式传输敏感信息,缺乏有效的身份认证以及安全传输机制等这样的隐患将会给国家和企业造成巨大的损失和危害,因此FTP通信系统的安全性研究显得尤为重要。以构建FTP安全通信系统为背景,分析了传统FTP身份认证的缺陷,对比了当前常用的认证技术。在此基础上,提出了一种结合HASH函数、对称密码机制以及挑战/应答机制的基于动态口令的双向认证方案。最后对该方案进行了性能分析。结果表明:该方案具有保护用户身份信息,防止诸如重放、假冒等常见身份认证攻击,实现双向认证的优点。 相似文献
11.
12.
身份认证机制是网络安全的第一道防线,利用椭圆曲线密钥交换体制,设计了一种新型的身份认证方案,该方案降低了对信道安全性的要求,提供通信双方的相互认证,并能有效地防止重放攻击、冒充攻击、小数攻击,提高了认证系统的安全性。 相似文献
13.
Recently, Wang and Ma (Wireless Pers Commun, 2012. doi:10.1007/s11277-011-0456-7) proposed a smart card based authentication scheme for multi-server environment. They also demonstrated that their scheme could overcome various attacks. In this paper, the security of Wang et al.’s scheme is evaluated. Our analysis shows their scheme is vulnerable to the server spoofing attack, the impersonation attack, the privileged insider attack and the off-line password guessing attack. 相似文献
14.
Wireless Personal Communications - For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication... 相似文献
15.
提出了一种新的基于多图形选择的图形口令机制。与现存的基于多图形选择的图形口令相比,文中所提出的新机制采用敲击键盘选择口令图片,代替了以往由鼠标点击的选择方式,其优点在于可有效地防止肩窥攻击,并能抵御交叉攻击,增加了口令机制的安全性。实验证明,该机制具有较好的安全性和可用性。 相似文献
16.
17.
18.
19.
针对无线传感器网络(WSN)用户远程安全认证问题,分析现有方案的不足,提出一种新颖的基于智能卡的WSN远程用户认证方案。通过用户、网关节点和传感器节点之间的相互认证来验证用户和节点的合法性,并结合动态身份标识来抵抗假冒攻击、智能卡被盗攻击、服务拒绝攻击、字典攻击和重放攻击。同时对用户信息进行匿名保护,且用户能够任意修改密码。性能比较结果表明,该方案具有较高的安全性能,且具有较小的计算开销。 相似文献
20.
In the security chain the weakest link is definitely the human one: human beings cannot remember long secrets and often resort
to rather insecure solutions to keep track of their passwords or pass-phrases. For this reason it is very desirable to have
protocols that do not require long passwords to guarantee security, even in the case in which exhaustive search is feasible.
This is actually the goal of password-based key exchange protocols, secure against off-line dictionary attacks: two people
share a password (possibly a very small one, say a 4-digit number), and after the protocol execution, they end up sharing
a large secret session key (known to both of them, but nobody else). Then an adversary attacking the system should try several
connections (on average 5000 for the above short password) in order to be able to get the correct password. Such a large number
of erroneous connections can be prevented by various means. Our results can be highlighted as follows. First we define a new
primitive that we call trapdoor hard-to-invert group isomorphisms, and give some candidates. Then we present a generic password-based
key exchange construction that admits a security proof assuming that these objects exist. Finally, we instantiate our general
scheme with some concrete examples, such as the Diffie-Hellman function and the RSA function, but more interestingly the modular
square-root function, which leads to the first scheme with security related to the integer factorization problem. Furthermore,
the latter variant is very efficient for one party (the server). Our results hold in the random-oracle model. 相似文献