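Abstract
Identity authentication is a very important aspect of information security theory and technology. Traditional identity authentication uses static passwords, but once a static password is intercepted, it is easily exploited by others. A common solution is to use the S/KEY one-time password system for identity authentication. However, this system still has shortcomings such as excessive server overhead, one-way authentication, and vulnerability to impersonation and replay attacks. On this basis, an improved one-time password authentication scheme is proposed. Compared with the original scheme, it offers higher efficiency, better security, and two-way authentication.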
Identity authentication is very important in the theory and technology of information security. Traditionally, a static password is employed as the means of authentication. However, the static password has its natural defect, including the risk of being cracked. To solve this problem, the S/KEY OTP system is introduced. Based on analyzing the faults of the S/KEY OTP system, including large overhead, one-way authentication, easy encounter of fishing attack, replay attack and so on, an improved one-time password authentication protocol is proposed. As compared with the original one, this protocol is more efficient and safe, and could achieve bidirectional authentication.
Source
《信息安全与通信保密》
2010, Issue 11, pp. 66-67, 70 (3 pages in total)
Information Security and Communications Privacy
Keywords
one-time password
authentication
network security