J4 ›› 2011, Vol. 33 ›› Issue (1): 51-55.doi: 10.3969/j.issn.1007130X.2011.
• 论文 • 上一篇 下一篇
王松波
收稿日期:
修回日期:
出版日期:
发布日期:
通讯作者:
作者简介:
基金资助:
湛江师范学院博士专项研究项目(ZW0707)
WANG Songbo
Received:
Revised:
Online:
Published:
摘要:
本文针对YoonYoo远程用户身份认证方法隐藏的伪装用户攻击、伪装服务器攻击和窃取校验机攻击的安全缺陷,利用随机数多次哈希运算提出一种改进的远程用户身份认证方法。本算法能够解决YoonYoo方法的安全缺陷,同时又能保持其优点。因此,该方法具有更稳定的安全性,为电子商务等领域提供了远程用户身份认证的有效解决方案。
关键词: 身份认证, 安全缺陷, 伪装用户攻击, 伪装服务器攻击, 窃取校验机攻击
Abstract:
For some security flaws that lie hidden in the YoonYoo’s user authentication scheme such as masquerading user attack, masquerading server attack and stolen verifier attack, this paper proposes a new remote user authentication scheme using random numbers to repeat hash operations. This scheme resolves all the aforementioned problems, while keeping the merits of YoonYoo’s scheme. Therefore, this scheme has a more stable security, and provides an effective solution of remote user authentication for electronic commerce.
Key words: authentication;security flaws;masquerading user attack;masquerading server
王松波. 一种改进的远程用户身份认证方法[J]. J4, 2011, 33(1): 51-55.
WANG Songbo. An Improved Remote User Authentication Scheme[J]. J4, 2011, 33(1): 51-55.
0 / / 推荐
导出引用管理器 EndNote|Ris|BibTeX
链接本文: http://joces.nudt.edu.cn/CN/10.3969/j.issn.1007130X.2011.
http://joces.nudt.edu.cn/CN/Y2011/V33/I1/51