| 一次性口令认证方案的研究与改进 |
| |
| 引用本文: | 柳景超,宋胜锋.一次性口令认证方案的研究与改进[J].计算机与网络,2010(7):60-62. |
| |
| 作者姓名: | 柳景超 宋胜锋 |
| |
| 作者单位: | 海军工程大学电子工程学院,湖北武汉430033 |
| |
| 基金项目: | 湖北省自然科学基金资助基金号2006ABA009 |
| |
| 摘 要: | 研究了动态口令技术,分析了文献4]中一个简单的一次性口令认证方案,发现原方案不能抵御冒充服务器攻击并且认证信息以明文方式进行传输,通过引入公钥加密算法对原方案进行改进,改进的方案不仅能防止重放攻击,而且能够抵御冒充服务器攻击,具有更高的安全性。
|
| 关 键 词: | 身份认证 一次性口令 公钥加密 冒充服务器攻击 |
Research and Improvement on One-Time Password Authentication |
| |
| Liu Jing-chao Song Sheng-feng.Research and Improvement on One-Time Password Authentication[J].China Computer & Network,2010(7):60-62. |
| |
| Authors: | Liu Jing-chao Song Sheng-feng |
| |
| Affiliation: | Liu Jing-chao Song Sheng-feng (College of Electronic Engineering, Naval University of Engineering, Wuhan Hubei 430033, China) |
| |
| Abstract: | The OTP technology is studied, and the remote dynamic password authentication scheme mentioned in Ref 4] is analyzed. It is found that the scheme can't resist the imitate server attack and authentication message isn't be encrypted when it is transproted in the network. An improved scheme is designed by using public key encryption. The new scheme not only overcomes the security problem of the original one but also holds all the security characteristics of the original scheme. |
| |
| Keywords: | Identity Authentication One-time password Public Encryption Imitate Server Attack |
| 本文献已被 维普 等数据库收录! |
