摘要
针对嵌入式系统资源受限的特点,结合一次性口令OTP(One Time Password)认证方案的基本原理,研究了一种新型的适用于嵌入式操作系统的一次性口令身份认证方案——EOS-OTP(Embedded Operating System One Time Password)。EOS-OTP方案采用椭圆曲线加密算法ECC,在保证完成一次性口令认证基本功能的前提下,提供了客户端/服务器之间的互相认证。该方案认证步骤简单、运算量较小、可以有效的保护用户的信息,能有效的防止重放攻击、冒充攻击等攻击手段。实验中,选择目前比较流行的Android嵌入式操作系统来验证EOS-OTP方案相对于传统的一次性口令认证方案S/KEY、SAS、SAS-2的区别,在Android平台上用java编程实现四种方案,实验结果表明,EOS-OTP方案在不降低安全性的前提下,提高了运行效率。
According to the characteristics of the embedded system resource constraints, combined with the basic principles of OTP (one time password) authentication, a new type of onetime password authentication scheme for embedded operating sys- tem- EOS-OTP (embedded operating system one time password) is researched. EOS-OTP scheme adopts the elliptic curve encryption algorithm ECC and provides client/server with mutual authentication under the premise of finishing the basic function of one-time password authentication. The authentication procedure is simple and small amount of calculation, the scheme can protect user information effectively and prevent the replay attack, personating attack, etc. choose relatively popular Android embedded operating system to verify EOS-OTP scheme compared with the traditional onetime password authentication scheme S/KEY, SAS, SAS-2 in experiment, four kinds of schemes with Java programming based on Android platform is realized, the experiment prove the EOS-OTP scheme improved the operation efficiency under the premise of without reducing security.
出处
《计算机工程与设计》
CSCD
北大核心
2013年第4期1212-1216,共5页
Computer Engineering and Design
基金
山西省留学基金项目(2009-28)
山西省自然科学基金项目(2009011022-2)
