摘要
鉴于双因素认证需依赖智能卡和时钟同步问题突出,并且随机数开销大的弊端,提出了一种基于挑战应/答机制的动态口令异构机制认证方案,该方案不涉及第三方设备,通过SHA-256计算、"与"计算减轻了运算过程的开销,缩短了运算时间。同时服务器端与用户端的双向身份认证中采取随机数与Rabin加密机制加强安全性,能够有效地抵御重放攻击等各类攻击,可用于对安全性有一定要求的应用与环境。在同各类方案进行对比体现该方案优势的同时,也通过SVO逻辑方法对该方案的认证过程做了形式化的分析及论证。
Taking into account these phenomena that Two-factor authentication depends on the smart card,there is a serious clock synchronization problem,and the random number is consumed very much,a dynamic password heterogeneous mechanism authentication scheme based on challenge response mechanism is proposed.The program does not involve third-party equipment,with SHA-256 and the AND calculation reduces the overhead of the operation,shorten the operation time.At the same time,in the server and the client side of the two-way authentication to take random number and Rabin encryption mechanism to enhance security,and can effectively resist replay attacks and other types of attacks,this program can be used for applications and environments where security is required.In comparison with the various types of programs can reflect the advantages of the program,and through the SVO logic method of the program certification process to do a formal analysis and demonstration.
作者
陈如
傅明
CHEN Ru;FU Ming;(School of Computer and Communication Engineering,Changsha University of Science and Technology,Changsha, Hunan 410114, China)
出处
《计算技术与自动化》
2018年第2期83-88,共6页
Computing Technology and Automation
