| 一种新的双向认证的一次性口令系统TAOTP |
| |
| 引用本文: | 王涛,谢冬青,周洲仪.一种新的双向认证的一次性口令系统TAOTP[J].计算机应用研究,2005,22(9):128-130. |
| |
| 作者姓名: | 王涛 谢冬青 周洲仪 |
| |
| 作者单位: | 湖南大学,计算机与通信学院,湖南,长沙,410082;湖南大学,计算机与通信学院,湖南,长沙,410082;湖南大学,计算机与通信学院,湖南,长沙,410082 |
| |
| 基金项目: | 湖南省自然科学基金资助项目(01JJY2115) |
| |
| 摘 要: | 一次性口令系统是目前网上流行的简单用户认证方案,能够有效解决用户密码在网上明文传送的不安全性。分析了现有的几种一次性口令系统,指出服务端的不安全性、对S/KEY的小数攻击等问题,在此基础上提出并实现了双向认证一次性口令协议TAOTP(Twoway Authenticate One Time Password),采用单向函数,通过客户端和服务端实现的双向认证,解决了服务端存储用户口令的不安全性和小数攻击等问题。
|
| 关 键 词: | 用户认证 一次性口令 小数攻击 双向认证 单向函数 |
| 文章编号: | 1001-3695(2005)09-0128-03 |
| 收稿时间: | 2004-09-03 |
| 修稿时间: | 2004-10-15 |
A Type of New Two-way Authenticate One-time Password System |
| |
| WANG Tao,XIE Dong-qing,ZHOU Zhou-yi.A Type of New Two-way Authenticate One-time Password System[J].Application Research of Computers,2005,22(9):128-130. |
| |
| Authors: | WANG Tao XIE Dong-qing ZHOU Zhou-yi |
| |
| Abstract: | One-time password systems are popular simple user-authentication schemes in Internet. It can effectively resolve the un-secure way of password transfer in plan-text in Internet. This paper discussed some one-time password system, point out the defects such as un-secure server, small integer attack on S/KEY system, and so on. Also in this paper, by using hash function and implementation of client and server's two-way authentication, a framework of two-way authenticate one-time password system was carried out. It can resolve problems such as un-secure server and small integer attack. |
| |
| Keywords: | Authentication One-time Password System Small Integer Attack Two-way Authenticate Hash Function |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
