| 改进的基于RTT口令认证协议 |
| |
| 引用本文: | 何涛,曹天杰,翟朔.改进的基于RTT口令认证协议[J].计算机工程与设计,2011,32(7):2233-2236. |
| |
| 作者姓名: | 何涛 曹天杰 翟朔 |
| |
| 作者单位: | 1. 中国矿业大学计算机学院,江苏徐州,221116
2. 中国矿业大学计算机学院,江苏徐州221116;东南大学移动通信国家重点实验室,江苏南京210096 |
| |
| 基金项目: | 江苏省自然科学基金项目(BK2007035); 中国矿业大学科技基金项目(013080309); 东南大学移动通信国家重点实验室开放研究基金项目(W200817) |
| |
| 摘 要: | 传统的口令认证方案面临自动程序实施的在线字典攻击威胁,为了解决这个问题,Pinkas和Sander提出了一个基于RTT的口令认证协议,虽然该协议有很高的安全性,但是该协议存在已知函数攻击和缺少对恶意用户的惩罚措施的不足,针对以上不足,提出了一种新的改进方案。改进后的协议不公避免了原有协议的不足,且能更好地防止在线字典攻击。在.NET平台下编程实现了改进后的协议,实验结果表明,该协议有很好的可用性和可扩展性。
|
| 关 键 词: | 在线字典攻击 逆向图灵测试 口令认证 判定函数 图形验证码 |
Novel password authentication protocol based on RTT |
| |
| HE Tao,CAO Tian-jie,ZHAI Shuo.Novel password authentication protocol based on RTT[J].Computer Engineering and Design,2011,32(7):2233-2236. |
| |
| Authors: | HE Tao CAO Tian-jie ZHAI Shuo |
| |
| Affiliation: | HE Tao1,CAO Tian-jie1,2,ZHAI Shuo1(1.School of Computer Science,China University of Mining and Technology,Xuzhou 221116,China,2.National Mobile Communications Research Laboratory,Southeast University,Nanjing 210096,China) |
| |
| Abstract: | The traditional password authentication protocol mainly face the online dictionary attacks,which is implemented by the auto-mated programs.To solve this problem,a RTT-based password authentication protocol is proposed,which had good security,analysis found that the protocol had shortcomings: Existing attack of known function and the lack of punitive measures against malicious users,in order to overcome the shortcomings,the paper proposes a novel scheme.The novel protocol avoids the shortcomings of the origi... |
| |
| Keywords: | online dictionary attacks reverse Turing tests password authentication detection function graphical verification code |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
