摘要
RADIUS协议的安全性是实现Internet网络上AAA功能安全的关键问题之一。文章详细阐述了RADIUS协议特点、报文内容和认证流程;深入分析了RADIUS协议的安全性保护机制:通信双方身份认证,用户口令加密传输;最后指出RADIUS协议在通信可靠性和加密算法安全性方面的不足及改进方法。
The security of the RADIUS protocol is the key for ensuring the AAA function security in Internet. This paper expounds the characteristics, packet contents and authentication procedure of RADIUS protocol, and analyzes in depth the two security principles of RADIUS, (1) prevent the attack from wrong personator by authentication, (2) transfer encrypted password to prevent the password from interception.Finally, it points some flaws of RADIUS protocol, the communication reliability and the MD5 encryption algorithm are not perfect, and also presents the methods to for improvement.
出处
《信息安全与通信保密》
2007年第6期118-120,共3页
Information Security and Communications Privacy
关键词
RADIUS
AAA
身份认证
共享密钥
MD5算法
安全
RADIUS
AAA(Authentication Authority Accotmting)
authentication
shared secret key
MD5 arithmetic
Security