| 一种增强的智能卡口令认证方案 |
| |
| 引用本文: | 张利华. 一种增强的智能卡口令认证方案[J]. 计算机工程与应用, 2004, 40(31): 137-138,212 |
| |
| 作者姓名: | 张利华 |
| |
| 作者单位: | 北京航空航天大学,北京,100083;华东交通大学,南昌,330013 |
| |
| 基金项目: | 华东交通大学科研基金项目(编号:2003) |
| |
| 摘 要: | Hwang等人提出了基于ElGamal算法的智能卡口令认证方案,其安全性依赖于计算有限域上离散对数的难度。Chan等人分析了该方案的安全缺陷,并进行了改进。最近,Awasthi等人指出了改进方案中的安全缺陷,并提出了一种新方案,但新方案仍然存在缺陷。针对新方案的缺陷,基于“一次一密”和“动态口令”,提出了一种增强的智能卡口令认证方案。该方案允许用户自由选择口令,能够抵御重放攻击、内部攻击,能双向认证,具备强安全修复性。
|
| 关 键 词: | 智能卡 安全分析 双向认证 一次一密 动态口令 |
| 文章编号: | 1002-8331-(2004)31-0137-02 |
An Enhanced Remote User Authentication Scheme Using Smart Cards |
| |
| Zhang Lihua. An Enhanced Remote User Authentication Scheme Using Smart Cards[J]. Computer Engineering and Applications, 2004, 40(31): 137-138,212 |
| |
| Authors: | Zhang Lihua |
| |
| Abstract: | Hwang et al propose a remote authentication scheme using smart cards.This scheme is based on the ELGamal's public key cryptosystem.Chan et al analyze the scheme and propose an improved password based on remote user authentication scheme using smart card.Recently,Awasthi et al pointe out that Chan et al's scheme is insecure,and propose a new scheme.In this paper,the security of Awasthi et al's scheme is analyzed.It demonstrates that Awasthi et al's scheme still has some weaknesses and cannot achieve the security requirement as their claims ,and presents an enhanced scheme based on one-time key and dynamic password.This scheme has many achievements.The important merits include:user can freely choose their passwords,it provides mutual authentication between the user and server,it can resist the replay attack,inside attack,and has strong reparability. |
| |
| Keywords: | smart cards cryptanalysis mutual authentication one-time key dynamic password |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
