| 一个强口令认证协议的漏洞研究 |
| |
| 引用本文: | 程英,高庆德.一个强口令认证协议的漏洞研究[J].计算机科学,2009,36(10):106-107. |
| |
| 作者姓名: | 程英 高庆德 |
| |
| 作者单位: | 1. 解放军63880部队研究所,洛阳,471003
2. 解放军外国语学院军事情报系,洛阳,471003 |
| |
| 基金项目: | 国家863项目(2007AA01Z2a1)资助 |
| |
| 摘 要: | 研究了基于散列函数的强口令密码认证协议,分析了目前该类协议中具有较高安全性的SPAS协议。虽然协议具有较高的安全性,但是通过分析发现协议还是存在安全漏洞。存在安全缺陷的主要原因是协议中使用的密码技术过于单一。该类协议中,如果不使用其它密码技术,很难使协议达到安全。
|
| 关 键 词: | 散列函数 认证协议 SPAS协议 |
| 收稿时间: | 2008/12/3 0:00:00 |
| 修稿时间: | 2009/2/13 0:00:00 |
Study of the Hole of Strong Password Authentication Protocol |
| |
| CHENG Ying,GAO Qing-de.Study of the Hole of Strong Password Authentication Protocol[J].Computer Science,2009,36(10):106-107. |
| |
| Authors: | CHENG Ying GAO Qing-de |
| |
| Affiliation: | The PLA 63880 Unite Research Center;Luoyang 471003;China;The PLA Foreign Langue University;China |
| |
| Abstract: | Studied a strong password authentication protocol based on hash function,by analyzing the security of SPAS protocol among this kind of protocols.Although the SPAS is designed meticulously and regarded as more secure,but we also find some secure vulnerability in it.Using single cryptography technology induces this protocol has secure leak.At last we can prove that if this kind of protocol uses single cryptography technology,it can't produce a secure protocol. |
| |
| Keywords: | Hash function Authentication protocol Strong password authentication protocol |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机科学》浏览原始摘要信息 |
|
点击此处可从《计算机科学》下载全文 |
|
