摘要
对挑战 /应答 (Challenge/Response)的认证机制进行了分析 ,指出其存在的缺点 ,并在此基础上 ,提出了改进方法 .给出了本地客户端静态密码和网络传输登录密码相结合的认证方式 .并利用混沌动力学方程生成混沌序列作为用户登录唯一身份标识 ,具有防窃听、防口令重放、防口令字典攻击等安全机制 ,减少登录认证交互次数 .
The paper analyzes the identity authentication mechanism based on challenge/response, finds out the drawbacks and puts forward a meliorated method. We present the identity authentication which combines static password on the local client and logon password on the network together. Meanwhile, chaotic sequence is generated as a unique identity through chaotic dynamic equation when a user logons. The sequence can against wiretap, against password reset, against attack of password dictionary, and reduces times of identity interaction.
出处
《小型微型计算机系统》
CSCD
北大核心
2003年第12期2088-2091,共4页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目 (698740 38)资助
国家高技术研究发展计划 (863计划 :863 30 6 ZD0 5 0 3 H)资助项目
