| 简单易行的S/KEY认证改进方案 |
| |
| 引用本文: | 何冰.简单易行的S/KEY认证改进方案[J].计算机应用,2011,31(4):996-998. |
| |
| 作者姓名: | 何冰 |
| |
| 作者单位: | 广西师范大学 计算机科学与信息工程学院,广西 桂林541004 |
| |
| 基金项目: | 广西师范大学青年教师科研基金资助项目 |
| |
| 摘 要: | 分析了传统S/KEY一次性口令(OTP)认证方案及现有的改进方案存在的缺陷与不足,提出了一种新的S/KEY认证改进方案。该方案以用户口令PW哈希值作为验证因子实现了双向认证,通过增加消息的完整性保护防止关键消息被伪造,并具备原有方案简单易行的特性,能有效抵御重放攻击、小数攻击和冒充攻击。
|
| 关 键 词: | 一次性口令 身份认证 S/KEY认证 |
| 收稿时间: | 2010-09-15 |
| 修稿时间: | 2010-11-19 |
Simple improvement for S/KEY authorization scheme |
| |
| HE Bing.Simple improvement for S/KEY authorization scheme[J].journal of Computer Applications,2011,31(4):996-998. |
| |
| Authors: | HE Bing |
| |
| Affiliation: | College of Computer Science and Information Technology, Guangxi Normal University, Guilin Guangxi 541004, China |
| |
| Abstract: | The author analyzed some defects of the traditional S/KEY One-Time Password (OTP) authorization scheme and recent improvements, and proposed a new S/KEY improvement scheme. The new scheme provided mutual authorization with Hash values of user password as an authentication factor. It can effectively prevent key message from being forged by adding message integrity protection. The new scheme is as simple and easy to be implemented as traditional S/KEY scheme. Additionally, it can effectively avoid replay attack, small integer attack and impersonating attack. |
| |
| Keywords: | One-Time Password (OTP) identity authorization S/KEY authorization |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
