| 新型S/KEY认证方案的分析与设计 |
| |
| 引用本文: | 谢志强,郭军,杨静.新型S/KEY认证方案的分析与设计[J].计算机工程,2009,35(5):175-176. |
| |
| 作者姓名: | 谢志强 郭军 杨静 |
| |
| 作者单位: | 1. 哈尔滨理工大学计算机科学与技术学院,哈尔滨,150080
2. 哈尔滨工程大学计算机科学与技术学院,哈尔滨,150001 |
| |
| 基金项目: | 国家自然科学基金,黑龙江省自然科学基金,黑龙江省教育厅海外学人重点科研基金 |
| |
| 摘 要: | 分析传统S/KEY型一次性口令认证系统的缺陷,提出一种新型的S/KEY认证方案,实现客户端与服务器的双向认证,可进行会话密钥协商,且每次认证产生不同的会话密钥。该方案可有效抵御重放攻击、小数攻击、破坏协议攻击和冒充攻击,对中间人攻击也有较强的防御作用。
|
| 关 键 词: | 一次性口令 身份认证 S/KEY认证 |
| 修稿时间: | |
Analysis and Design of New S/KEY Authorization Solution |
| |
| XIE Zhi-qiang,GUO Jun,YANG Jing.Analysis and Design of New S/KEY Authorization Solution[J].Computer Engineering,2009,35(5):175-176. |
| |
| Authors: | XIE Zhi-qiang GUO Jun YANG Jing |
| |
| Affiliation: | 1.College of Computer Science and Technique;Harbin University of Science and Technology;Harbin 150080;2.College of Computer Science and Technique;Harbin Engineering University;Harbin 150001 |
| |
| Abstract: | This paper analyzes some defects of the traditional S/KEY One-Time Password(OTP) authorization system,and proposes a new S/KEY authorization solution.Mutual authorization between clients and the server and session key agreement is carried out,and new session key is produced in each authorization.The new S/KEY solution can effectively resist replay attacks,small integer attacks,protocol-broken attacks and personate attacks,and especially has some effects against the man-in-the-middle attacks. |
| |
| Keywords: | One-Time Password(OTP) identity authorization S/KEY authorization |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机工程》浏览原始摘要信息 |
|
点击此处可从《计算机工程》下载全文 |
