期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

安全的非智能卡匿名口令认证方案 被引量:2

Secure password-based authentication scheme with anonymous identity without smart cards
下载PDF
导出
摘要 对Rhee-Kwon-Lee非智能卡(SC)口令认证方案进行安全分析发现,此方案易受内部攻击,不能实现口令自由更换,并且计算效率不高。基于此提出了一种新的基于散列函数的非SC匿名口令认证方案,新方案采用匿名身份与口令混淆,并结合时间戳来提高安全性和计算效率。新方案弥补了Rhee-Kwon-Lee方案的安全缺陷。而且,与其他同类非SC方案相比较,新方案支持文中理想的非SC口令认证方案的所有安全需求,安全性能最好且计算量小。 Rhee-Kwon-Lee's password-based scheme without using smart cards is vulnerable to insider attack, password can't be changed freely, and its computational cost is high. In order to fix all these security flaws, a new password-based authentication scheme with anonymous identity without using smart cards was presented. The security and computational efficiency of our scheme were improved by confusing the anonymous identity with user's password and taking use of the fimestamp. According to comparisons with other password authentication schemes without smart cards, our scheme not only fixes weaknesses of Rhee-Kwon-Lee's scheme, but also satisfies all the security requirements for ideal password authentication without smart cards and is the better one in security performance and computational cost.
作者 王邦菊 张焕国 王玉华
机构地区 武汉大学计算机学院空天信息安全及可信计算教育部重点实验室 华中农业大学理学院 河南工业大学信息科学与工程学院
出处 《通信学报》 EI CSCD 北大核心 2008年第10期70-75,共6页 Journal on Communications
基金 国家自然科学基金资助项目(60373087,60473023)~~
关键词 口令 口令认证 散列函数 攻击 智能卡 password password authentication hash function attack smart card
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献16

  • 1LAMPORT L. Password authentication with insecure communication[J]. Communications of the ACM, 1981, 24: 770-772.
  • 2PEYRAVIAN M, ZUNIC N. Methods for protecting password transmission[J]. Computer & Security, 2000, 19 (5): 466-469.
  • 3HWANG J J, YEH T C. Improvement on peyravian-Zunic's password authentication schemes[J]. IEICE Transactions on Communications, 2002,85 (4): 823-825.
  • 4PEYRAVIAN M, JEFFRIES C. Secure remote user access over insecure networks[J]. Computer Communications, 2006, 29(5-6): 660-667.
  • 5KU W C, CHEN C M, HUI L. Cryptanalysis of a variant of ieyravian-zunic's password authentication scheme[J]. IEICE Transaction on Communications, 2003, E86-B (5): 1682-1684.
  • 6TSENG Y M, JAN J K, CHIEN H Y. On the security of methods for protecting password transmission[J]. Informatica, 2001, 12(3): 469477.
  • 7CHUN L L, HWANG T L. A password authentication scheme with secure password updating[J]. Computers & Security, 2003, 22(1): 68-72.
  • 8CHANG Y F, CHANG C C, LILT Y L. Password authentication with-out the server public key[J]. IEICE Transaction on Communications. 2004, 87 (10): 3088-3091.
  • 9YOON E J, RYU E K, YOO K Y. A secure user authentication scheme using hash functions[J]. ACM Operating Systems Review, 2004, 38(2): 62-68.
  • 10KU W C, CHIANG M H, CHANG S T. Weaknesses of Yoon-Ryu- Yoo's hash-based password authentication scheme[J]. ACM Operating Systems Review, 2005, 39(1): 85-89.

同被引文献24

  • 1田捷,李亮,杨鑫.Fingerprint-Based Identity Authentication and Digital Media Protection in Network Environment[J].Journal of Computer Science & Technology,2006,21(5):861-870. 被引量:6
  • 2Lamport L. Password authentication with insecure communieation [ J ]. Commun ACM, 1981,24 ( 11 ) :770 - 772.
  • 3Jablan D P. Strong password - only authenticated key exchange [ J ]. Computer Communication Review, 1996,26 (5):5-26.
  • 4Wu T C,Sung H S. Authenticating passwords over an insecure channel [ J]. Computers and Security, 1996, 15 (5) :431 -439.
  • 5Dodis Y, Reyzin L, Smith A. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data [ C ]//Cachin, J. camenisch. 23rd Annual Eurocrypt Con- ference. Interlaken, SWITZERLAND. [ S. 1. ] : [ s. n. ], 2004:523 - 540.
  • 6Dodis Y, Ostrovsky R, Reyzin L. Fuzzy extractors : How to generate strong keys from biometrics and other noisy data [J]. Siam Journal on Computing,2008,38( 1 ) :97 - 139.
  • 7Yao A C. THEORY AND APPLICATIONS OF TRAP- DOOR FUNCTIONS [ C]//23rd Annual Symposium on Foundations of Computer Science. Chicago : IEEE, 2003 : 80 -91.
  • 8Nisan N,Zuckerman D. Randomness is linear in space [ J]. Journal of Computer and System Sciences, 1996,52 (1) :43 -52.
  • 9Boyen X, Dodis Y, Katz J. Secure remote authentication using biometric data [ J ]. Advances in Cryptology, 2005, 3494 : 147 - 163.
  • 10Dodis Y, Katz J, Reyzin L. Robust fuzzy extractors and authenticated key agreement from close secrets [ C ]// 26th Annual International Cryptology Conference. CRYPTO 2006, August 20,2006 - August 24,2006. Seattle, WA, United states. [ S. l. ] : Springer Verlag, 2006 : 232 - 250.

引证文献2

二级引证文献3

通信学报
2008年 第10期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部