首页 | 本学科首页   官方微博 | 高级检索  
     

对一种身份认证协议的改进及其形式化分析①
引用本文:何丽,王立斌. 对一种身份认证协议的改进及其形式化分析①[J]. 计算机系统应用, 2010, 19(7): 47-49
作者姓名:何丽  王立斌
作者单位:华南师范大学计算机学院,广东,广州,510631
摘    要:基于口令的远程身份认证协议是目前认证协议研究的热点。2005年,Sung-WoonLee等人提出了一个低开销的基于随机数的远程身份认证协议即Lee—Kim—Yoo协议,首先分析了此协议中所存在的安全性缺陷。随后构造了一个基于随机数和Hash函数,并使用智能卡的远程身份认证协议,最后用BAN逻辑对修改后的协议进行了形式化的分析,结果表明修改后的协议能够达到协议的安全目标。

关 键 词:认证协议  拒绝服务攻击  BAN逻辑  形式化分析
收稿时间:2009-11-05
修稿时间:2009-12-30

Formal Verification and Improvement of an Authentication Protocol
HE Li and WANG Li-Bin. Formal Verification and Improvement of an Authentication Protocol[J]. Computer Systems& Applications, 2010, 19(7): 47-49
Authors:HE Li and WANG Li-Bin
Affiliation:(Dept. of Computer Science, South China Normal University, Guangzhou 510631, China)
Abstract:Password-based remote user authentication is a hotspot in authentication protocol research. The security of a proposed remote user authentication scheme, the Lee-Kim-Yoo protocol, advanced by Sung-Woon Lee is analyzed, which used nonce random and had very low computational costs. However, this scheme still has many security faults. The weakness of the scheme is demonstrated. This paper proposes an improved scheme, a novel nonce and hash-based remote user authentication scheme using smart cards and analyses the amended protocol with BAN logic. It indicates that the amended protocol can reach the goal of the protocol.
Keywords:authentication protocol  Dos attack  BAN logic  formal verification
本文献已被 维普 万方数据 等数据库收录!
点击此处可从《计算机系统应用》浏览原始摘要信息
点击此处可从《计算机系统应用》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号