计算机工程与应用Issue(22):126-129,4.DOI:10.3778/j.issn.1002-8331.1212-0317
基于动态ID的远程认证方案的分析和改进
Analysis and improvements of dynamic identity-based remote user authenti-cation scheme
摘要
Abstract
In this paper, Duan et al.’s scheme is analyzed. It is showed that this scheme is insecure against offline-guessing attack, replay attack, forgery attack and a session key doesn’t be provided after mutual authentication. An improved scheme is proposed that overcomes the above-mentioned security flaws with not affecting the merits of the original scheme. The proposed scheme not only allows the users to choose and change their passwords freely, but also generates a session key agreed by the user and the server.关键词
用户认证/智能卡/离线密码字猜测攻击/相互认证Key words
user authentication/smart card/offline password guessing attack/mutual authentication分类
信息技术与安全科学引用本文复制引用
屈娟,邹黎敏,谭晓玲..基于动态ID的远程认证方案的分析和改进[J].计算机工程与应用,2014,(22):126-129,4.基金项目
重庆市教育技术委员会项目(No.KJ121103);重庆三峡学院科研项目(No.11ZD-15)。 ()
