论文部分内容阅读
由于网络安全的需要,利用智能卡的双因子身份鉴别方案越来越受到重视。首先分析了Wang Yan-yan等人提出的基于动态ID的远程用户身份认证方案的安全性,指出其方案的安全缺陷是不能抵抗离线的口令猜测攻击;随后提出了一种改进的方案,改进之后的方案能有效抵抗重放攻击、离线口令猜测攻击、假冒服务器/用户攻击。经过安全分析,新的方案在保留了原方案优点的同时,具有了更高的安全性。
Due to the need of network security, the use of smart card two factor authentication scheme more and more attention. Firstly, the security of remote user authentication scheme based on dynamic ID proposed by Wang Yan-yan et al is analyzed. The security flaw of the scheme is that it can not resist the offline password guessing attack. Then an improved scheme is proposed. After the improvement The program can effectively resist replay attacks, offline password guessing attacks, counterfeit server / user attacks. After security analysis, the new program retains the advantages of the original program at the same time, with a higher degree of security.