Abstract
Authentication is the first line of defence in a networked application system. Its aim is to verify the identities of both communicating parties and to prevent illegitimate users from stealing from or masquerading as legitimate users. Although passwords are the most convenient means of authentication, they bring with them the threat of dictionary attacks. Several commonly used one-time password authentication schemes are analyzed. On the basis of the challenge-response scheme, a new type of authentication scheme using a secure one-way hash function is proposed and designed. The scheme not only markedly reduces the overhead of the authentication server, but also effectively resists attacks such as online dictionary attacks and denial-of-service (DoS) attacks, significantly enhancing the security of the application system.
Authors
王春晓
张鹏
WANG Chun-xiao, ZHANG Peng (1. Computer Science and Technology College, Harbin University of Science and Technology, Harbin 150080, China; 2. Department of Mechanical Engineering, First Aeronautical Institute of Air Force, Xinyang 464000, China)
Source
《电脑知识与技术》
2010, Issue 1, pp. 56-58 (3 pages)
Computer Knowledge and Technology
Keywords
authentication
online dictionary attacks
hash functions
cryptographic protocol
passwords