中国科学院软件研究所机构知识库
Advanced  
ISCAS OpenIR  > 中科院软件所  > 中科院软件所
题名:
基于口令的认证:协议和应用
作者: 陈开渠
答辩日期: 2001
专业: 计算机应用技术
授予单位: 中国科学院软件研究所
授予地点: 中国科学院软件研究所
学位: 博士
关键词: 口令 ; 认证协议 ; Diffie-Hellman问题 ; 猜测攻击
摘要: 口令是一种常用的认证机制,为了提高安全性,人们基于口令设计了大量的认证机制,但现有的基于口令的认证机制大都存在猜测攻击的隐患。本文旨在Diffie-Hellman密钥交换协议的基础上设计一个基于口令的认证机制,其特点是能够防止猜测攻击。根据用户-用户和客户端-服务器这两种不同的认证环境,本文提出了对称的SymPassword协议和非对称的AsyPassword协议,分别适应于这两种环境。AsyPassword在服务器被攻破的情况下,仍然具有一定的安全性,但是复杂度比SymPassword要高一点。在随机预言机安全通信模型上,本文证明了SymPassword和AsyPassword是符合要求的基于口令的认证密钥交换协议。本文在IPSec的密钥交换协议IKE中引入了基于SymPassword和AsyPassword的两种认证方式,在TLS中引入了基于AsyPassword的认证方式。
英文摘要: Password is widely used as an authentication mechanism. But nowadays most password-based authentication protocol are not secure against Guessing Attack. For this reason, we modify the famous Diffie-Hellman Key Exchange to provide password-based authenticated key exchange against Guessing Attack. We design two protocol: SymPassword and AsyPassword. They suit for symmetric user-user authentication and asymmetric client/server authentication, respectively. The AsyPassword protocol can provide some security against server compromise, but is more complex than SymPassword. On the Random Oracle Model which focuses on distributed security communication, we prove that SymPassword and AsyPassword are both secure password-based authenticated key exchange protocol. At last, we modify the IKE protocol to add two authentication methods which are based on SymPassword and AsyPassword respectively, and modify TLS protocol to add an authentication method which is based on AsyPassword.
语种: 中文
内容类型: 学位论文
URI标识: http://ir.iscas.ac.cn/handle/311060/7666
Appears in Collections:中科院软件所

Files in This Item:
File Name/ File Size Content Type Version Access License
LW004444.pdf(832KB)----限制开放-- 联系获取全文

Recommended Citation:
陈开渠. 基于口令的认证:协议和应用[D]. 中国科学院软件研究所. 中国科学院软件研究所. 2001-01-01.
Service
Recommend this item
Sava as my favorate item
Show this item's statistics
Export Endnote File
Google Scholar
Similar articles in Google Scholar
[陈开渠]'s Articles
CSDL cross search
Similar articles in CSDL Cross Search
[陈开渠]‘s Articles
Related Copyright Policies
Null
Social Bookmarking
Add to CiteULike Add to Connotea Add to Del.icio.us Add to Digg Add to Reddit
所有评论 (0)
暂无评论
 
评注功能仅针对注册用户开放,请您登录
您对该条目有什么异议,请填写以下表单,管理员会尽快联系您。
内 容:
Email:  *
单位:
验证码:   刷新
您在IR的使用过程中有什么好的想法或者建议可以反馈给我们。
标 题:
 *
内 容:
Email:  *
验证码:   刷新

Items in IR are protected by copyright, with all rights reserved, unless otherwise indicated.

 

 

Valid XHTML 1.0!
Copyright © 2007-2017  中国科学院软件研究所 - Feedback
Powered by CSpace