期刊文献+

基于智能卡的动态身份认证机制 被引量:5

Dynamic authentication scheme based on smart card
下载PDF
导出
摘要 由于每次登录时用户提交的认证信息都是固定不变的,传统的口令认证机制容易遭受回放攻击。本文根据一个关于互素数的定理,提出了一种基于智能卡的动态身份认证机制。用户每次登录时,智能卡根据从服务器发来的challenge和事先嵌入智能卡的参数信息,为合法用户计算当前的认证信息。由于每次用户提交的认证信息都是动态可变的,从而有效地防止了回放攻击。 Traditional password authentication schemes are vulnerable to replay attacks because of the fixed password and unchanged messages submitted by users for verification. This paper proposes a dynamic identity authentication scheme through a theorem about relative prime numbers w ith the help of a smart-card. Every time a user logins into a remote system,the smart-card will compute current authentication messages according to the challenge sent from the remote system and parameters embedded into the smart card. As the message submitted by users varies randomly,the scheme can prevent replay attacks from taking place effectively.
作者 王斌 李建华
出处 《通信学报》 EI CSCD 北大核心 2003年第8期117-121,共5页 Journal on Communications
关键词 认证 口令 智能卡 回放攻击 authentication password smart card replay attack
  • 相关文献

参考文献7

  • 1WANG T Y. Password authentication using public-key encryption[A]. Proceedings of International Camahan Conference on Security Technology[C]. Zurich, Switzerland, 1983.35-38.
  • 2SHAM1R A. Identity-based cryptosystems and signature schemes[A]. CRYPTO'84[C]. New York, Berlin: Springer-Vexing, 1985.47-53.
  • 3YUH M T, JINN K J. ID-based cryptographic schemes using a non-interactive public-key distribution system[A]. Proceeding of Computer Security Applications Conference[C]. Arizona, USA,1998. 237-243.
  • 4LAMPORT L. Password authentication with insecure communications[J]. Communications of ACM, 1981, 24( 11): 770 -772.
  • 5HARN L. A public-key based dynamic password scheme[A]. Proceedings of the Symposium on Applied Computing[C]. Kansas,USA,1991. 430-435.
  • 6CHIN C C, REN J H, DANIEL J B. Using smart cards to authenticate passwords[A]. Proceedings of IEEE International Camaban Conference on Security Technology[C]. Ottawa, Canada, 1993. 154 -156.
  • 7LIN C H, CHANG C C, LEE R C T. A rccord-orientexi cryptosystem for database sharing[J]. The Computer Journal, 1992, 35(6):658-660.

同被引文献45

  • 1邱慧敏,杨义先,胡正名.一种新的基于智能卡的双向身份认证方案设计[J].计算机应用研究,2005,22(12):103-105. 被引量:9
  • 2朱浩瑾,曹珍富.基于智能卡的椭圆曲线动态身份认证体制[J].计算机工程,2006,32(2):135-136. 被引量:5
  • 3田捷,李亮,杨鑫.Fingerprint-Based Identity Authentication and Digital Media Protection in Network Environment[J].Journal of Computer Science & Technology,2006,21(5):861-870. 被引量:6
  • 4Khan M K, Alghathbar K. Cryptanalysis and Security Improvements of 'Two-factor User Authentication in Wireless Sensor Networks' [J]. Sensors, 2010, 10(3): 2450-2459.
  • 5Ronggong Song. Advanced Smart Card-based Password Authentication Protocol [J]. Comput Stand Interfaces, 2010, 32 (5) : 321-325.
  • 6Nandakumar K, Jain A, Pankanti S. Fingerprint-based Fuzzy Vault: Implementation and Performance [J]. IEEE Trans- actions on Information Forensics and Security, 2007, 2(4):744-757.
  • 7Choi Hanna, Choi Woo-yong, Moon Daesung, et al. Smartcard-based Secret Sharing for Secure Fingerprint Verification [C]//Proceedings of the 2009 Fourth International Conference on Embedded and Multimedia Computing (EM-Com 2009). Jeju: EM-COM, 2009..1-6.
  • 8Chen Chin-Ling. A Secure and Traceable E-DRM System Based on Mobile Device [J]. Expert Systems with Applications, 2008, 35(3): 878-886.
  • 9张茹,杨榆,张啸.数字版权管理[M].北京:人民邮电出版社,2008.
  • 10庞辽军.秘密共享技术及其应用[D].西安:西安电子科技大学,2006.

引证文献5

二级引证文献19

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部