摘要
该文对CHAP认证协议进行了阐述,并对其安全缺陷进行了分析。针对CHAP协议的安全缺陷,将它进行了改进,结合密码学、身份认证技术以及USB Key技术,设计了一种基于USBKey网络环境下的身份认证协议,即UBAP(USB Key-based Authentication Protocol)协议,它采用软硬件相结合的一次一密的强双因子认证模式,实现了服务器和用户双方可靠的双向身份验证,并对该协议进行非形式化的分析,证明其能够抵御重放攻击、服务器欺骗、网络监听、插入信道攻击、中间人攻击以及暴力攻击。
This paper has a thorough analysis to CHAP and points out its security flaws. By using cryptology, ID authentication technique and USB Key technique, it has been improved. Then designs UBAP protocol which is an ]D authentication protocol under environment based on USB Key. It is a one-time password authentication mode with double factors combining software with hardware, which guarantees reliable bidirectional ID authentication to both server and user. Lastly, this paper has a non-formalization analysis to UBAP, it has proved that the protocol can resist the replay attack, server-impersonated, the snoop attack, the inserting channel attack, the middle-man attack and the brute-force attack.
出处
《计算机安全》
2008年第8期45-47,51,共4页
Network & Computer Security
基金
"十一五"国家科技支撑计划项目(2006BAD10A11)
