| 私钥存储服务安全的研究 |
| |
| 引用本文: | 曹璞,吕丽民. 私钥存储服务安全的研究[J]. 浙江工业大学学报, 2003, 31(1): 67-70 |
| |
| 作者姓名: | 曹璞 吕丽民 |
| |
| 作者单位: | 浙江工业大学,信息学院,,浙江,杭州,310032 |
| |
| 摘 要: | 在公钥密码系统中加密和解密算法是公开的,因此私钥存储管理成了公钥系统安全中薄弱的环节,文章对公开密钥系统中的常见的用户私钥存储技术进行了比较分析,服务器存储私钥在目前是一种较实用可行方案,但是和所有用口令方式一样,基于用户低质量的口令事实,私钥存储服务容易受到攻击者利用字典对用户口令进行猜测,针对攻击者对用户加密私钥的口令进行猜测攻击,文章给出了屏蔽可验证文字,在消息交互中使用高质量的密钥来保护用户口令生成的低质量密钥的私钥存储服务方案,有效地防止了猜测攻击。
|
| 关 键 词: | 私钥存储服务 口令猜测 可验证文字 私钥存储管理 公钥密码 网络安全 |
| 文章编号: | 1006-4303(2003)01-0067-04 |
| 修稿时间: | 2002-03-12 |
Study on security of private key storage service |
| |
| CAO Pu,LU Li|min. Study on security of private key storage service[J]. Journal of Zhejiang University of Technology, 2003, 31(1): 67-70 |
| |
| Authors: | CAO Pu LU Li|min |
| |
| Abstract: | As the encryption algorithm and decryption algorithm are open to everyone, so the private key storage management becomes an insecure part in public key system. In this paper, we compare some common technologies of private key storage management. The PKSS (private key storage service) is a feasible scheme at present. However the passwords that users choose to protect private key in PKSS are often with low security quality. So the PKSS is also vulnerable by dictionary guess method. To prevent attackers from using dictionary guess method to analyse the private key that is encrypted by user's password phrase, a private key storage service scheme is designed that will shield the validateable text and protect the low quality key by high quality key in message exchange.It can effectively stop password guess analysis. |
| |
| Keywords: | private key storage service password guess validatable text |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
