| 一次性口令认证系统的研究 |
| |
| 引用本文: | 张丽,毕于深,杨武英,关颖,李子梅.一次性口令认证系统的研究[J].辽宁石油化工大学学报,2004,24(4):71-73. |
| |
| 作者姓名: | 张丽 毕于深 杨武英 关颖 李子梅 |
| |
| 作者单位: | 辽宁石油化工大学信息工程学院,辽宁,抚顺,113001 |
| |
| 摘 要: | Internet和无线通信技术迅速发展的同时,信息安全越来越突现出其重要性。在保护数据的安全访问和传输过程中身份认证起着重要的作用。在传统的口令认证机制中,用户的口令多数以明文形式在网上传输并且固定不变。即使经过加密后以密文形式传输,所用的加密密钥也是不变的。这使得攻击者可以通过窃听得到这些可重用的口令达到入侵系统的目的。一次性口令系统允许用户每次登录时使用不同的口令,很好地防止了口令重用攻击,增强了系统的安全性。在介绍S/key一次性口令认证系统的基础上,指出S/key系统的两个安全缺陷,提出了一种新的改进的一次性口令认证系统增强型S/key系统,并分析了新认证系统的安全性。
|
| 关 键 词: | 一次性口令 认证 Hash函数 |
| 文章编号: | 1672-6952(2004)04-0071-03 |
| 修稿时间: | 2004年3月9日 |
One-Time Password Authentication System |
| |
| ZHANG Li,BI Yu-shen,YANG Wu-ying,GUAN Ying,LI Zi-mei.One-Time Password Authentication System[J].Journal of Liaoning University of Petroleum & Chemical Technology,2004,24(4):71-73. |
| |
| Authors: | ZHANG Li BI Yu-shen YANG Wu-ying GUAN Ying LI Zi-mei |
| |
| Affiliation: | ZHANG Li,BI Yu-shen~*,YANG Wu-ying,GUAN Ying,LI Zi-mei |
| |
| Abstract: | With the rapid development of Internet and wireless correspondence technology, the security of information is more and more important. Identity authentication plays an important role in protecting the secure access to data and their transmission. In the traditional system of password authentication, user's passwords are transmitted mostly through the Internet in the way of plaintext and keep constant. Even if they are encrypted and then transmitted, the keys used in encryption are also constant, which make attackers get reusable passwords through wiretapping to invade the system. One-time password system lets users log in using different passwords, which can prevent effectively replay attack and enhance the security of system. On the basis of introduction of S/key which is a one-time password authentication system, two secure defects of S/key system were pointed out. A new enhanced S/key system was put forward and its security was analyzed. |
| |
| Keywords: | One-time password Authentication Hash function |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
