Analysis and Improvement of the S/KEY Authentication Scheme
YIN Song-yu, XU Wei-min
(School of Engineering and Computer Science, Shanghai University, Shanghai 200072)
Abstract: This paper proposes an improved S/KEY identity authentication protocol. The scheme XORs a random number with the confidential information, masking the important information to prevent its disclosure, and achieves mutual authentication between the user and the server without increasing the computational load on the authentication server. The scheme overcomes the security weaknesses of the traditional S/KEY one-time password authentication scheme, which cannot resist replay attacks, small integer attacks, impersonation attacks and man-in-the-middle attacks. It also effectively prevents connection hijacking, protocol-breaking attacks and other attacks, and significantly enhances the security of application systems.
Key words: S/KEY authentication; one-time password; XOR; hash function
CLC number: TP393108 Document code: A
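0 Introduction
The development of computer communication technology and networks has made the network the primary means of information exchange, and more and more enterprises are adopting e-commerce as an important operating model. When enterprise users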