计算机工程与应用 ›› 2010, Vol. 46 ›› Issue (19): 81-84.DOI: 10.3778/j.issn.1002-8331.2010.19.023

• 网络、通信、安全 • 上一篇    下一篇

Schnorr 协议的一次一密双重身份认证研究

张小红1,2,樊中奎1,钟小勇3   

  1. 1.江西理工大学信息工程学院,江西赣州341000
    2.北京邮电大学信息安全中心,网络和交换技术国家重点实验室,北京100876
    3.赣州有色冶金研究所,江西赣州341000
  • 收稿日期:2008-12-19 修回日期:2009-02-26 出版日期:2010-07-01 发布日期:2010-07-01
  • 通讯作者: 张小红

Double identity authentication system of one-time pad based on Schnorr protocol

ZHANG Xiao-hong1,2,FAN Zhong-kui1,ZHONG Xiao-yong3   

  1. 1.School of Information Engineering,Jiangxi University of Science and Technology,Ganzhou,Jiangxi 341000,China
    2.State Key Lab of Networking & Switching Technology,Beijing University of Posts & Telecommunications,Beijing 100876,China
    3.Ganzhou Nonferrous Metallurgy Research Institute,Ganzhou,Jiangxi 341000,China
  • Received:2008-12-19 Revised:2009-02-26 Online:2010-07-01 Published:2010-07-01
  • Contact: ZHANG Xiao-hong

摘要: 针对当前B/S 模式下公共网络中进行身份认证的安全问题,设计了使用静态口令和动态口令结合进行一次一密身份认证的方案,它将认证服务器与应用程序服务器分离,使静态口令认证在安全通道内进行,有效保障口令的安全。动态口令认证采用著名的Schnorr 身份认证协议,其私钥采用复杂的混沌序列生成以确保密钥敏感安全性,结合Java Applet 技术对公共网络上传输的信息采用对称DES 算法加密,提升了整个系统的可靠性。研究方案最后通过实例验证了系统的可行性和安全保障性。

Abstract: In view of the security problem which is induced by the public network transmission in current B/S architecture
system,this paper proposes an identity authentication project which combines the static password and the dynamic password
to realize one-time pad.It separates the authentication server and application server,puts the static passwords identify in private
safe channel which can protect the static password security effectively,in addition dynamic password authentication is
designed with the well-known Schnorr protocol,in order to make the private key sensitive by adopting complex chaotic sequence.
Combined with Java applet technology and symmetrical DES encryption algorithms in the public network transmission,
the system security is advanced.Some examples are tested and indicated this novel scheme is feasible and credible.

中图分类号: