摘要
根据网络和计算机分布式环境的特点,采用单钥算法和公钥算法相结合的方法设计了认证与密钥分配协议.协议采用单钥密码算法设计域内认证与密钥分配协议,而采用公钥密码算法实现域间认证和密钥交换,简化了系统的密钥管理问题.为了保证公钥的真实性,文章提出了一种适合计算机分布式环境的、可在全球扩展的分层式公钥分配架构.协议中用户采用公钥算法进行联网初始登录,代替键入口令,有效地防止口令猜测和重放攻击.
An authentication and key distribution protocol for network and distributed environment is presented by using hybrids of asymmetric cryptosystem and symmetric cryptosystem. The intra domain authentication and key distribution is based on symmetric cryptosystem, and inter domain authentication is designed by using asymmetric cryptosystem, this can simplifies key management of the system. A hierarchical certificate authority (CA) structure for distributed environment is proposed for certifying the validity of public keys. In the protocol, login based on password is replaced by initial registering based on asymmetric cryptosystem, then guessing password attack can be against effectively.
出处
《计算机学报》
EI
CSCD
北大核心
1999年第6期577-581,共5页
Chinese Journal of Computers
基金
国家自然科学基金
九五军事电子预研基金
关键词
分布式环境
密钥分配
计算机网络
密码学
Distributed environment, asymmetric cryptosystem, symmetric cryptosystem, authentication and key distribution.
