摘要
分析了常用的几种一次性口令(OTP)方案,在挑战/响应方案的基础上设计了一种基于Hash函数和对称加密算法的身份认证方案。该方案不仅能够提供通信双方的相互认证,而且克服了传统挑战/应答方案的弱点,有效地保护用户身份信息,并能防止重放等攻击手段。最后对该方案的安全性和效率进行了剖析。
Some one time password(OTP)schemes are analyzed, then according to the Challenge/Response scheme, an authentication scheme based on Hash function and symmetry encryption is designed. The scheme not only provides the authentication of the two communication sides but also overcomes the weakness of the traditional Challenge/Response scheme.It can protect the identity information of the user effectively, resist playback attack, etc. In the end, the security and the efficiency of the scheme are analyzed.
出处
《信息与电子工程》
2007年第6期449-451,461,共4页
information and electronic engineering
