分布式环境中的公钥认证

Authentication Based onAsymmetric Cryptosystem in Distributed Environment

本文提出了一个适用于分布式环境的分层式公钥认证系统。系统中由验证者产生的时戳的方案解决时间同步问题,以联网初始化协议代替键入口令,有效地防止口令猜测和重放攻击。证书签发机构采用分级式管理,系统可方便地实现域间认证。

This paper presents an authentication system based on asymmetric cryptosystem for dis tributed environment. In this system,timestamps produced by user instead of nonce[3]are employed to solve the problem of time synchronization ,and password login scheme is replaced by initializa tion protocol,so guessing password attack and replay attack can be against effectively. Ahierarchi- cal organization for Certification Authority is employed,then inter-cluster authentication and inter- domain authentication can be achieved conveniently.