可分发密钥的双向口令认证方案

Mutual password authentication scheme with key distribution

下载PDF

导出

摘要研究在认证服务器拥有公私钥对和客户端有容易记忆的弱口令条件下,实现强认证和密钥交换的安全协议。对Wangr的方案进行了安全性分析,发现该协议不能抵抗许多种攻击方式。提出一种在不安全网络上集口令认证、口令更改和密钥建立的方案,通过对新方案与Hwang-Yeh方案、Peyravian-Zunic方案、Peyravian-Jeffries方案和Wang方案进行的安全性对比分析,分析结果表明新口令认证方案具有更高的安全性和实用性。 The protocols for strong authentication and key exchange are studied in asymmetric scenarios where the authentication server possesses a pair of private and public keys while the client has a weak human-memorizable password.Wang＇s password authentication scheme is analyzed in this scenario, and the results show that it is vulnerable to many attacks.A new scheme is proposed for remote user authentication, password change and session key establishment over insecure networks.According to security analysis, the proposal is resistant to known attacks and the most secure scheme among Hwang-Yeh＇s, Peyravian-Zunic＇s, Peyravian-Jeffries＇s, Wang＇s and mine authentication key.Several simple password protocols are analyzed in this scenario, and the results show that under the choice of suitable public key encryption functions the security of these protocols can be formally proven based on stanlord cryptographic assumptions.In particular, our analysis shows optimal resistance to off line password guessing attacks.

作者于昇

机构地区解放军信息工程大学电子技术学院

出处《计算机工程与设计》 CSCD 北大核心 2009年第23期5337-5339,5343,共4页 Computer Engineering and Design

基金国家973重点基础研究发展计划基金项目(TG1999035801)

关键词口令认证密钥交换哈希函数攻击认证协议 password authentication key distribution Hash function attack authentication protocol

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献8

1Lee C C, Li L H, Hwang M S. A remote user authentication scheme using hash functions [J]. ACM Operating Systems Review,2002,36(4):23-29.
2Ku W C,Chen C M,Hui L.Cryptanalysis of a variant of Peyravian-zunic's password authentication scheme[J].IEICE Transaction on Communications,2003, E86-B(5):1682-1684.
3Hwang J J, Yeh T C. Improvement on Peyravian-Zunic's password authentication schemes [J]. IEICE Transactions on Communications,2002,E85-B(4):823-825.
4Chun L L,Hwang T L.A password authentication scheme with secure password updating[J].Computers & Security,2003,22( 1 ): 68-72.
5Chang Y F, Chang C C,Liu Y L.Password authentication without the server public key[J].IEICE Transaction on Communications, 2004,E87-B(10):3088-3091.
6Peyravian M,Jeffries C.Secure remote user access over insecure networks [J].Computer Communications,2006,29(5-6):660-667.
7王邦菊,张焕国,王张宜,王玉华.一种安全的双向匿名口令认证方案[J].武汉大学学报（信息科学版）,2008,33(10):1073-1075. 被引量：3
8Dhamija R,Tygar J.The battle against phishing: dynamic security skins[C].USA:ACM,2005:77-88.

二级参考文献10

1Diffie W, Hellman M E. New Directions in Cryptography [J]. IEEE Transactions on Information Theory, 1976, IT- 22 (6): 644-654
2Lamport L. Password Authentication with Insecure Communication [J].Communications of the ACM,1981, 24:770-772
3Peyravian M, Zunic N. Methods for Protecting Password Transmission [J]. Computer & Security, 2000, 19(5):466-469
4Tsudik G. Message Authentication with One-way Hash Functions. ACM SIGCOMM Computer Communication Review, 1992, 22(5): 29-38
5Lee C C, Li L H, Hwang M S. A Remote User Authentication Scheme Using Hash Functions. ACM Operating Systems Review, 2002, 36 (4) :23- 29
6Hwang J J, Yeh T C. Improvement on Peyravian- Zunie's Password Authentication Schemes[J]. IEICE Transactions on Communications, 2002, E85-B (4) :823-825
7Chun L L, Hwang T L. A Password Authentica tion Scheme with Secure Password Updating[J]. Computers & Security, 2003, 22(1): 68-72
8Chang Y F, Chang C C, Liu Y L. Password Authentication without the Server Public Key [J]. IEICE Transaction on Communications, 2004, E87-B (10): 3 088- 3 091
9Peyravian M, Jeffries C. Secure Remote User Access over Insecure Networks [J]. Computer Communications, 2006, 29(5/6): 660-667
10Ku W C, Chen C M, Hui L. Cryptanalysis of a Variant of Peyravian-zunic's Password Authentication Scheme [J]. IEICE Transaction on Communications, 2003, E86-B (5): 1 682-1 684

共引文献2

1时向勇,李先华,郑成建.基于椭圆曲线密码体制的遥感图像加密算法[J].武汉大学学报（信息科学版）,2010,35(11):1309-1313. 被引量：3
2孙晶晶,蔡勉,赵阳.基于可信计算的云用户安全模型[J].计算机安全,2012(4):19-24. 被引量：8

1张慧.对一种门限代理签名方案的密码分析及改进[J].高师理科学刊,2009,29(5):4-7.
2王焕宝,张佑生.IKE协议的安全属性[J].计算机工程,2002,28(5):152-154. 被引量：1
3坚如磐石.9位QQ靓号要要要！[J].计算机应用文摘,2008(24):55-55.
4小培.我的音乐我控制——播放器全局热键自己打造[J].电脑应用文萃,2005(3):65-66.
5实名网址：快速，便捷是关键[J].成功营销,2005(8):94-94.
6刘志猛,赵燕丽.无线网中基于ECC的认证和密钥交换协议[J].燕山大学学报,2008,32(1):1-3.
7张建民,刘贤德,徐海峰.等级安全系统中的一种新型访问控制方案[J].计算机工程与应用,2007,43(16):156-158. 被引量：1
8吴建武.一种基于智能卡的远程口令认证方案[J].计算机工程与应用,2007,43(33):158-160. 被引量：1
9陈凯.有趣的网络域名[J].信息技术教育,2006(12):32-32.
10刘兰彬.谈如何提高技工学校计算机基础课程的教学质量[J].才智,2015(19):85-86. 被引量：2

计算机工程与设计

2009年第23期

浏览历史

内容加载中请稍等...

可分发密钥的双向口令认证方案

参考文献8

二级参考文献10

共引文献2

相关作者

相关机构

相关主题

浏览历史