计算机工程与应用 ›› 2010, Vol. 46 ›› Issue (18): 71-73.DOI: 10.3778/j.issn.1002-8331.2010.18.023

• 网络、通信、安全 • 上一篇    下一篇

一种动态口令身份认证协议的设计与研究

王崇霞1,朱艳琴2   

  1. 1.长治学院 计算机系,山西 长治 046010
    2.苏州大学 计算机科学与技术学院,江苏 苏州 215006
  • 收稿日期:2009-11-02 修回日期:2010-03-30 出版日期:2010-06-21 发布日期:2010-06-21
  • 通讯作者: 王崇霞

Design and research of dynamic password user authentication protocol

WANG Chong-xia1,ZHU Yan-qin2
  

  1. 1.Department of Computer,Changzhi University,Changzhi,Shanxi 046010,China
    2.School of Computer Science & Technology,Soochow University,Suzhou,Jiangsu 215006,China
  • Received:2009-11-02 Revised:2010-03-30 Online:2010-06-21 Published:2010-06-21
  • Contact: WANG Chong-xia

摘要: 动态口令用户认证机制是当前身份认证技术发展的一个重要方面,在分析了SAS-2和2GS两种动态口令用户认证协议的基础上,提出了一种更安全的动态口令用户认证协议。该协议不仅能有效地抵御SAS-2协议不能抵御盗取验证因子的攻击,而且纠正了2GS协议不能实现双向认证和抵御拒绝服务攻击的缺陷,有效地保护了用户的信息,提高了网络安全。

关键词: 身份认证, 动态口令, 网络安全, 协议

Abstract: The dynamic password user authentication mechanism is an important aspect of the authentication technology development.On the basis of analyzing two protocols,SAS-2 and 2GS,this paper proposes a more secure dynamic password user authentication protocol.The new protocol not only can effectively resist the stolen-verifiers attack in SAS-2 protocol,but also can conquer the refused service attack and realize two-way authentication,which is impossible in 2GS protocol.Thus,it can protect user’s identity and improve network security.

Key words: user authentication, dynamic password, network security, protocol

中图分类号: