摘要
在分析现有基于挑战/应答一次性口令方案不足的基础上,设计了一种新的基于hash函数和公开密钥加密算法的一次性口令身份认证方案。该方案不仅能够提供通信双方的相互认证、避免各种攻击,而且克服了传统挑战/应答方案认证开销大的缺点,有效地保护了用户身份信息,能防止重放攻击等攻击手段。最后对方案的安全性和效率作了分析。
Analyzed some shortages of the existing one-time password based on challenge/response authentication protocols,and designed a new one-time password authentication scheme based on hash function and public key encryption,which provi-ded client/server with mutual authentication and could avoid different attacks.It also overcame the existing challenge/response protocol weakness of server s overhead and could protect user s identity.Finally,analyzed its security and efficiency character.
出处
《计算机应用研究》
CSCD
北大核心
2009年第2期716-718,共3页
Application Research of Computers
基金
国家社会科学基金资助项目(07CTQ006)
辽宁省自然科学基金资助项目(2051066)
