论文部分内容阅读
智能卡与口令相结合的身份认证方式既可保留使用强密钥优势,又具有使用方便的特点,是一种理想的安全双因子认证方式。当前许多公开的口令认证方案,要么需要较强的计算环境而难于采用智能卡快速实现,要么不能抵抗离线口令猜测攻击或服务端内部攻击而存在安全缺陷。提出一种非平衡型口令认证方案,基于智能卡和用户口令双因子设计,具有简便高效、口令安全、双向认证特点,能够抵御离线口令猜测攻击和服务端内部攻击,可用于满足设备开机时的安全认证需求。
The combination of smart card and password authentication can not only retain the advantage of using strong key, but also have the characteristics of being easy to use. It is an ideal way to secure two-factor authentication. At present, many open password authentication schemes require either a strong computing environment and hard-to-implement smart card implementations, or they can not resist offline password guessing attacks or server-side attacks with security flaws. An unbalanced password authentication scheme based on two-factor design of smart card and user password is proposed. The scheme is simple and efficient, has password security and two-way authentication and can resist off-line password guessing attacks and server-side internal attacks. Certification requirements.