共查询到19条相似文献,搜索用时 46 毫秒
1.
基于动态ID远程用户身份认证方案的改进 总被引:1,自引:0,他引:1
对Wang提出的动态ID远程用户身份认证方案进行了回顾和分析,指出了Wang方案中存在不能保护用户匿名和不能抗拒绝服务攻击的缺陷。针对此缺陷,在保留原方案优点的基础上提出了一种改进的动态ID远程用户身份认证方案,并通过对比分析说明了改进方案的安全性和有效性。 相似文献
2.
由于网络安全的需要,利用智能卡的双因子身份鉴别方案越来越受到重视。首先分析了Wang Yan-yan等人提出的基于动态ID的远程用户身份认证方案的安全性,指出其方案的安全缺陷是不能抵抗离线的口令猜测攻击;随后提出了一种改进的方案,改进之后的方案能有效抵抗重放攻击、离线口令猜测攻击、假冒服务器/用户攻击。经过安全分析,新的方案在保留了原方案优点的同时,具有了更高的安全性。 相似文献
3.
分析了Das, Saxena和Gulati提出的一种基于动态ID的远程用户身份认证方案的安全性,指出了此方案的安全缺陷.在保留原方案优点的基础上提出了一些改进措施,验证结果表明:改进措施提高了方案的安全性和实用性. 相似文献
4.
5.
6.
基于智能卡的动态身份认证机制 总被引:3,自引:0,他引:3
由于每次登录时用户提交的认证信息都是固定不变的,传统的口令认证机制容易遭受回放攻击。本文根据一个关于互素数的定理,提出了一种基于智能卡的动态身份认证机制。用户每次登录时,智能卡根据从服务器发来的challenge和事先嵌入智能卡的参数信息,为合法用户计算当前的认证信息。由于每次用户提交的认证信息都是动态可变的,从而有效地防止了回放攻击。 相似文献
7.
8.
9.
10.
身份认证机制是网络安全的第一道防线,利用椭圆曲线密钥交换体制,设计了一种新型的身份认证方案,该方案降低了对信道安全性的要求,提供通信双方的相互认证,并能有效地防止重放攻击、冒充攻击、小数攻击,提高了认证系统的安全性。 相似文献
11.
An authentication system, which does not require a password table to authenticate its users, is proposed. By removing a password table, and introducing smart card and fingerprint verification, the scheme can be more secure and reliable. In addition, the scheme can withstand message replaying attack and impersonation 相似文献
12.
In the literature, several dynamic ID-based remote user mutual authentication schemes are implemented using password, smartcard and Elliptic Curve Cryptography (ECC), however, none of them provides resilience against different attacks. Therefore, there is a great need to design an efficient scheme for practical applications. In this paper, we proposed such a scheme in order to provide desired security attributes and computation efficiencies. Compared with other existing techniques, our scheme is more efficient and secured. In addition, our scheme is provably secure in the random oracle model under the hardness assumption of computational Diffie-Hellman problem. 相似文献
13.
Xiang Cao Sheng Zhong 《Communications Letters, IEEE》2006,10(8):580-581
Lin et al., (2003) proposed a remote user authentication scheme for multi-server architecture. In this paper, we breaks this scheme by giving an attack. Our attack allows an adversary to impersonate any user in the system, as long as a single authentication message of that user is observed. 相似文献
14.
J.K. Lee et al. proposed an improved password authentication scheme without using a password table by employing a fingerprint verification mechanism in the user's smartcard and two servers' secret keys (see Electron. Lett., vol.38, no.12, p.554-5, 2002). It is shown that their scheme is vulnerable to a simple and effective forgery attack. In addition, it is demonstrated that their scheme is not easily repairable. 相似文献
15.
16.
Design and analysis of an improved smartcard‐based remote user password authentication scheme 下载免费PDF全文
SK Hafizul Islam 《International Journal of Communication Systems》2016,29(11):1708-1719
With the fast development of the Internet and the telecommunication technologies, internet users are carrying out various electronic transactions over internet by means of the authentication protocols. To ensure efficient and robust online transaction, security of authentication protocol turns out to be a great concern nowadays. As a result, smartcard‐based password authentication and session key agreement scheme receives significant attention in recent years. In the literature, various authentication schemes have been proposed by the cryptographic research community. Recently, Li et al. analyze some security weaknesses of the authentication scheme of Chen et al. and propose an enhancement based on the discrete logarithm problem and computational Diffie–Hellman problem. This paper further cryptanalyzes the scheme of Li et al. and identifies various security loopholes and then constructs a modified authentication scheme as a remedy. The security and efficiency evaluations demonstrate that our scheme has more security features and low computation costs than the related schemes. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
17.
18.
In 2005, Liu et al.proposed an improvement to Chien et al.'s remote user authentication scheme, using smart cards, to prevent parallel session attack.This article, however, will demonstrate that Liu et al.'s scheme is vulnerable to masquerading server attack and has the system's secret key forward secrecy problem.Therefore, an improved scheme with better security strength, by using counters instead of timestamps, is proposed.The proposed scheme does not only achieve their scheme's advantages, but also enhances its security by withstanding the weaknesses just mentioned. 相似文献
19.