摘要
口令认证作为一种简单易用的认证方式,被广泛应用于各种认证场合。最近几年,很多口令认证协议被提出来。2004年Kim和Choi提出一种经典的PAP口令认证协议,这种协议被引入802.11标准之中。随后这种协议被证明不能够抵抗离线字典攻击和重放攻击。2006年Ma等人提出这种协议的改进,随后Yoon等人证明Ma等人提出的协议仍然不能够抵抗离线字典攻击,并提出了改进。对Yoon等人提出的协议进行了分析,指出Yoon等人提出的协议仍然不能够抵抗离线字典攻击,提出了攻击模式。并对Yoon等人提出的协议进行了改进,提出一种T-PAP协议,能够抵抗离线字典和重放攻击。
Password authentication has been widely applied in various certification occasions because it is easy-to-use.In recent years,a lot of password authentication protocols have been proposed.In 2004,Kim and Choi proposed a classic PAP password authentication protocol which has been introduced into the 802.11.Subsequently this protocol was proved that can’t resist offline dictionary attacks and replay attacks.In 2006,Ma et al proposed an improvement protocol of this agreement.And Yoon et al proved that the agreement proposed by Ma et al are still not able to resist offline dictionary attacks,and propose an improved protocol.In this paper we analysis the protocol proposed by Yoon et al and pointed out that the protocol still can’t resist offline dictionary attack,and propose an attack mode.We proposed a T-PAP protocol which can resist offline dictionary and replay attacks.
出处
《计算机安全》
2012年第6期10-13,共4页
Network & Computer Security
关键词
口令
认证
信息安全
password; authentication; information security;
