| 基于一次性口令技术的远程安全访问 |
| |
| 引用本文: | 谢方军,王大华,高志. 基于一次性口令技术的远程安全访问[J]. 小型微型计算机系统, 2003, 24(12): 2086-2087 |
| |
| 作者姓名: | 谢方军 王大华 高志 |
| |
| 作者单位: | 四川大学,四川,成都,610065 |
| |
| 基金项目: | 国家自然科学基金 (60 0 730 4 6)资助 |
| |
| 摘 要: | 针对远程安全访问中的用户鉴别问题,本文提出利用一次性口令认证产生的散列结果作为IKE协议使用的共享密钥,然后将该散列结果进行再散列后作为一次性口令计算结果,安全网关则采用相同的运算步骤,如果安全网关计算的一次性口令结果和用户传来的一次性口令相同,则安全网关将共享密钥加载到安全网关中进行安全关联的协商。此方法成功解决了对于大量远程用户的共享密钥分配问题,同时该方法不对一次性口令的安全性产生任何影响。
|
| 关 键 词: | 一次性口令 远程访问 网络安全 用户鉴别 口令认证 |
| 文章编号: | 1000-1220(2003)12-2086-02 |
Remote Secure Access Based on OTP technology |
| |
| XIE Fang-jun,WANG Da-hua,GAO Zhi. Remote Secure Access Based on OTP technology[J]. Mini-micro Systems, 2003, 24(12): 2086-2087 |
| |
| Authors: | XIE Fang-jun WANG Da-hua GAO Zhi |
| |
| Abstract: | Aimed at the problem of user authentication on remote secure access, this paper presents a method that takes the hash-result of OTP as the share-key of IKE and rehashes the hash-result sent to Secure Gateway (SG) and then SG takes the same steps above. When the hash-result of OTP calculated by SG is equal with what was transferred from users , SG loads the hash-result to IKE modules and proceeds to negotiate with the Security Association. The method successfully solves the problems of distribution of secret keys under a vast amount of remote users by means of distributing the users only usernames and passwords while distribution of a large number of share-keys is avoided. Consequently, authentication and management of remote users turns to be facilitated. At the same time, it is proved that no effect on security of OTP was produed. |
| |
| Keywords: | OTP remote access security |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
