摘要
认证是信息安全的基础服务要求,一般是根据客户端的三个特性来设计的,即"知道什么","拥有什么","是什么"等类型的知识。文章中的认证需要运用知识,产生式规则系统具有和图灵机同等的计算能力,在文章中,产生式规则形式知识被用于认证中。根据产生式规则的理论,设计出了多种基于代数角度的规则例子,它们具有显然的单向性。并且描述了一种相应的认证算法。文章在基于产生式规则层次体系的角度,设计一次一密的认证算法时,同时从其满足完善保密性的角度,进行了理论分析。由于每次应用加密或认证时,同一个密钥都只使用一次,因此其安全性很好。动态口令系统,是为了改进静态口令的诸多缺陷。对于同样具有相当安全特性的动态口令系统,文章分析了基于S/Key算法的动态口令系统,并根据一次一密认证系统的原理,对S/Key算法进行了比较分析。
The authentication is the basic serve requirement of the information security,generally,it is designed depended on the client's 3 properties,"know what","own what","is what".The authentication in the paper needs knowledge,production rule system has the computing ability as the level of the Turing Machine,in the paper,the type of knowledge of the production rule is being used in the authentication.Based on the theory of the production rule,many kind of rules about algebra is designed,they own the obvious one-way properties.And a kind of authentication algorithm is described.Based on the production rule theories,the article described the one-time pad authentication,at the same time,analyzes the theory from the point of the perfect privacy.Because at each authentication,the same key is only once used,so the security is very good.One-time password system can improve the bugs of the static password system.The article analyzes the S/Key one-time password system.
出处
《微计算机信息》
2010年第24期41-43,共3页
Control & Automation
