机构地区: 东北大学
出 处: 《小型微型计算机系统》 2003年第12期2088-2091,共4页
摘 要: 对挑战 /应答 (Challenge/Response)的认证机制进行了分析 ,指出其存在的缺点 ,并在此基础上 ,提出了改进方法 .给出了本地客户端静态密码和网络传输登录密码相结合的认证方式 .并利用混沌动力学方程生成混沌序列作为用户登录唯一身份标识 ,具有防窃听、防口令重放、防口令字典攻击等安全机制 ,减少登录认证交互次数 . The paper analyzes the identity authentication mechanism based on challenge/response, finds out the drawbacks and puts forward a meliorated method. We present the identity authentication which combines static password on the local client and logon password on the network together. Meanwhile, chaotic sequence is generated as a unique identity through chaotic dynamic equation when a user logons. The sequence can against wiretap, against password reset, against attack of password dictionary, and reduces times of identity interaction.
关 键 词: 身份认证机制 混沌理论 口令 修正函数 安全机制 网络安全
领 域: [自动化与计算机技术] [自动化与计算机技术] [理学] [理学]