共查询到20条相似文献,搜索用时 171 毫秒
1.
身份认证是信息安全理论和技术中非常重要的方面,传统的身份认证采用静态口令,但是静态口令一旦被截获,就极易被他人利用。一种常见的解决方法就是采用S/KEY结构一次性口令系统来实现身份认证。但此系统仍然存在服务器开销过大、单向认证及容易被冒充攻击与重放攻击等不足。在此基础上,提出了一种改进的一次性口令认证方案。与原方案相比,该方案具有效率更高、安全性更好和双向认证等优点。 相似文献
2.
针对员工单一静态口令安全机制所存在的问题,提出了一种基于一次性口令和人脸识别的身份认证方法.本文采用MFA算法对人脸进行特征提取,单向函数生成一次性口令并用该口令加密人脸特征,实现服务器端与客户端之间的双向身份认证,解决了小数攻击和人脸数据信息泄露等安全问题,提高了信息系统的安全性. 相似文献
3.
张利华 《微电子学与计算机》2007,24(6):80-83
分析了一个低开销的基于随机数的远程身份认证方案的安全性,指出了该方案的安全缺陷。构造了一个基于随机数和Hash函数、使用智能卡的远程身份认证方案(NHRA方案)。该方案使用随机数,避免了使用时戳带来的重放攻击的潜在风险。该方案允许用户自主选择和更改口令,实现了双向认证,有更小的计算开销;能够抵御假冒远程主机攻击、抵御假冒合法用户攻击;能够迅速检测口令输入错误及正确判断认证失败原因;具备强安全修复性。 相似文献
4.
在移动支付中,交易主体的身份认证是判断和确认交易双方真实身份的重要环节,可以保证每个交易主体的访问与授权的准确。本文通过分析国内外一次性口令认证技术的研究现状、认证技术以及移动支付中的安全问题,对一次性口令认证技术进行改进,提出基于移动支付的一次性口令身份认证的方案。 相似文献
5.
6.
基于置乱排序的身份认证协议研究 总被引:1,自引:1,他引:0
在分析经典的身份认证方案,特别是一次性口令认证方案中S/KEY方案存在问题的基础上,提出了一种新的身份认证协议COTP在本协议中,采用了基于混沌置乱排序表的设计算法,在用户登录过程中用置乱排序后的次数代替真正的迭代次数,对协议中用到的种子进行了加密处理.理论分析与仿真实验表明,COTP认证协议能抵御小数攻击、重放攻击及内部人员攻击,能对传输的种子和迭代次数进行加密,并实现了客户和服务器的双向认证. 相似文献
7.
8.
9.
10.
11.
Shreeya Swagatika Sahoo Sujata Mohanty Banshidhar Majhi 《Wireless Personal Communications》2018,101(3):1307-1333
The smart card based password authentication scheme is one of the most important and efficient security mechanism, which is used for providing security to authorized users over an insecure network. In this paper, we analyzed major security flaws of Jangirala et al.’s scheme and proved that it is vulnerable to forgery attack, replay attack, user impersonation attack. Also, Jangirala et al.’s scheme fail to achieve mutual authentication as it claimed. We proposed an improved two factor based dynamic ID based authenticated key agreement protocol for the multiserver environment. The proposed scheme has been simulated using widely accepted AVISPA tool. Furthermore, mutual authentication is proved through BAN logic. The rigorous security and performance analysis depicts that the proposed scheme provides users anonymity, mutual authentication, session key agreement and secure against various active attacks. 相似文献
12.
身份认证机制是网络安全的第一道防线,利用椭圆曲线密钥交换体制,设计了一种新型的身份认证方案,该方案降低了对信道安全性的要求,提供通信双方的相互认证,并能有效地防止重放攻击、冒充攻击、小数攻击,提高了认证系统的安全性。 相似文献
13.
针对现有基于椭圆曲线密码(elliptic curve cryptography,ECC)体制的 RFID(radio frequency identification device)安全认证方案不能满足相互认证、隐私保护和前向安全性等要求,提出一种基于Montgomery型椭圆曲线密码的认证方案。利用Montgomery型椭圆曲线来降低计算量,并提供标签和服务器之间的相互认证,具有匿名性和前向安全性。通过分析表明,该方案能够抵抗重放攻击、标签伪装攻击、服务器欺骗攻击、DoS攻击、位置跟踪攻击和克隆攻击。与现有方案相比,该方案在保证较低的内存、计算和通信需求的情况下,提供了较高的安全性能,能够满足RFID系统的安全性要求。 相似文献
14.
15.
针对目前一次性口令的不足,借鉴质询/响应方案的思想设计了一种基于Diffie-Hellman的一次性口令认证方案.与传统方案相比,该方案不仅能够提供通信双方的相互认证,而且能够抵抗重放攻击、离线口令猜测攻击和假冒攻击,极大地增强了应用系统的安全性. 相似文献
16.
Yixin Jiang Chuang Lin Hao Yin Zhen Chen 《Wireless Communications and Mobile Computing》2008,8(1):101-112
IEEE 802.11 wireless local area networks (WLAN) has been increasingly deployed in various locations because of the convenience of wireless communication and decreasing costs of the underlying technology. However, the existing security mechanisms in wireless communication are vulnerable to be attacked and seriously threat the data authentication and confidentiality. In this paper, we mainly focus on two issues. First, the vulnerabilities of security protocols specified in IEEE 802.11 and 802.1X standards are analyzed in detail. Second, a new mutual authentication and privacy scheme for WLAN is proposed to address these security issues. The proposed scheme improves the security mechanisms of IEEE 802.11 and 802.1X by providing a mandatory mutual authentication mechanism between mobile station and access point (AP) based on public key infrastructure (PKI), offering data integrity check and improving data confidentiality with symmetric cipher block chain (CBC) encryption. In addition, this scheme also provides some other new security mechanisms, such as dynamic session key negotiation and multicast key notification. Hence, with these new security mechanisms, it should be much more secure than the original security scheme. Copyright © 2006 John Wiley & Sons, Ltd. 相似文献
17.
18.
A secure and enhanced elliptic curve cryptography‐based dynamic authentication scheme using smart card
下载免费PDF全文
![点击此处可从《International Journal of Communication Systems》网站下载免费的PDF全文](/ch/ext_images/free.gif)
Madhusudhan R Manjunath Hegde Imran Memon 《International Journal of Communication Systems》2018,31(11)
In remote system security, 2‐factor authentication is one of the security approaches and provides fundamental protection to the system. Recently, numerous 2‐factor authentication schemes are proposed. In 2014, Troung et al proposed an enhanced dynamic authentication scheme using smart card mainly to provide anonymity, secure mutual authentication, and session key security. By the analysis of Troung et al's scheme, we observed that Troung et al' s scheme does not provide user anonymity, perfect forward secrecy, server's secret key security and does not allow the user to choose his/her password. We also identified that Troung et al's scheme is vulnerable to replay attack. To fix these security weaknesses, a robust authentication scheme is proposed and analyzed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more secure and easy to implement practically. 相似文献
19.
Pardeep Kumar Andrei Gurtov Mika Ylianttila Sang‐Gon Lee HoonJae Lee 《ETRI Journal》2013,35(5):889-899
Wireless sensor networks (WSNs) are used for many real‐time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security‐performance‐balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end‐party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real‐world WSNs applications. 相似文献