| 基于混合机制的Kerberos安全性增强方案 |
| |
| 引用本文: | 庄小妹,唐西林. 基于混合机制的Kerberos安全性增强方案[J]. 计算机系统应用, 2015, 24(5): 257-260 |
| |
| 作者姓名: | 庄小妹 唐西林 |
| |
| 作者单位: | 1. 广东培正学院计算机科学与工程系,广州,510830
2. 华南理工大学理学院,广州,510640 |
| |
| 摘 要: | 针对Kerberos协议的弱点和安全性问题,提出了一个基于混合加密机制的Kerberos改进方案,目的是防范口令攻击和内部攻击。给应用服务器和AS服务器分配公钥和私钥,用户与服务器之间的会话密钥由DH密钥交换生成。给出了改进后的 Kerberos 协议的六个步骤,并对安全性进行分析。分析结果表明,新方案能够增强Kerberos协议的安全性,而且比公钥加密机制高效。
|
| 关 键 词: | 身份认证 Kerberos协议 口令攻击 内部攻击 Diffie-Hellman密钥交换协议 |
| 收稿时间: | 2014-08-27 |
| 修稿时间: | 2014-10-08 |
Enhanced Security Scheme of Kerberos Protocol Based on Hybrid Cryptosystem |
| |
| ZHUANG Xiao-Mei and TANG Xi-Lin. Enhanced Security Scheme of Kerberos Protocol Based on Hybrid Cryptosystem[J]. Computer Systems& Applications, 2015, 24(5): 257-260 |
| |
| Authors: | ZHUANG Xiao-Mei and TANG Xi-Lin |
| |
| Affiliation: | Computer Science and Engineering, Guangdong Peizheng College, Guangzhou 510830, China;School of Science, South China University of Technology, Guangzhou 510640, China |
| |
| Abstract: | Aiming at the vulnerability and security problem of Kerberos protocol, an enhanced scheme of Kerberos protocol based on hybrid cryptosystem is put forward. The aims of the improved scheme are able to defend the password attacks and the insider threads. Public keys and private keys are assigned to the application servers and the AS server, the session key between user and application server is generated by DH key exchanged algorithm. The improved Kerberos protocol is given by six steps and the security is analyzed. Analysis shows that the new scheme can enhance the security of Kerberos and is more efficient than Public key encryption mechanism. |
| |
| Keywords: | user authentication Kerberos protocol password attack insider thread Diffie-Hellman key exchanged algorithm |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《计算机系统应用》浏览原始摘要信息 |
|
点击此处可从《计算机系统应用》下载全文 |
