[an error occurred while processing this directive]
���¿��ټ��� �߼�����
   ��ҳ  �ڿ�����  ��ί��  Ͷ��ָ��  �ڿ�����  ��������  �� �� ��  ��ϵ����
�������պ����ѧѧ�� 2005, Vol. 31 Issue (10) :1076-1079    DOI:
���� ����Ŀ¼ | ����Ŀ¼ | ������� | �߼����� << | >>
������, ����ΰ*
�������պ����ѧ ������Ϣ����ѧԺ, ���� 100083
Analysis and improvements of a remote authentication scheme
Zhang Lihua, Lü Shanwei*
School of Electronics and Information Engineering, Beijing University of Aeronautics and Astronautics, Beijing 100083, China

Download: PDF (302KB)   HTML 1KB   Export: BibTeX or EndNote (RIS)      Supporting Info
ժҪ ������֤��Զ�������֤��ʵ�õķ���.������һ��������ʹ�����ܿ��Ŀ�����֤�����İ�ȫ��,ָ���÷����Dz���ȫ��:���ܵ������лỰ����,�����߿������ýػ����Ϣ���ɺϷ��ĵ�½��Ϣ��ð�Ϸ��û���½,��ͨ����֤�����Ȩ,������Ҫ֪���û�����;���ܵ�������ʱ������,�����߿��Ը��Ľػ���Ϣ��ʱ��,��ð�Ϸ��û���½Զ���������ð�Ϸ�Զ������.ͬʱ,�����½������,����һ��һ��,������һ�ָĽ���ʹ�����ܿ��Ŀ�����֤����.�÷��������û�����ѡ�񲢸��Ŀ���,ʵ����˫����֤;�ܹ������طŹ������ڲ�����,�߱�ǿ��ȫ�޸���;�ܹ��������лỰ�����͸���ʱ������,���и��õİ�ȫ��.
Email Alert
�ؼ����� �����֤   ����   ��ȫ����   ���ܿ�     
Abstract�� Password authentication scheme is a very promising and practical solution to remote user authentication.The security of a proposed password authentication scheme using smart cards is analyzed. The scheme has some weaknesses: it cannot resist parallel session attack, an intruder without knowing users' password can masquerade as a legal user by creating a valid login message from the eavesdropped communication, then passes the authentication phase and gains the authority of the legitimate user; it is also vulnerable to changing timestamps attack, an intruder can masquerade as a legal user or impersonate a valid authentication system by changing timestamps of the messages from eavesdropped communication. Furthermore, an enhanced password authentication scheme using smart cards with better security strength by using login counter and different keys via cards is proposed. The scheme has many merits as following: it lets users freely choose and change their passwords at their own will; it provides mutual authentication between two entities; it resists message replaying attack and insider attack; it has strong security reparability by using extended identities and smart cards; it also withstands parallel session attack and changing timestamps attack.
Keywords�� user authentication   password   cryptanalysis   smart cards     
Received 2004-06-09;
About author: ������(1972-),��,������ɽ��,��ʿ��, hbzlh@163.com.
������, ����ΰ.һ��Զ�������֤�����ķ�����Ľ�[J]  �������պ����ѧѧ��, 2005,V31(10): 1076-1079
Zhang Lihua, L�� Shanwei.Analysis and improvements of a remote authentication scheme[J]  JOURNAL OF BEIJING UNIVERSITY OF AERONAUTICS AND A, 2005,V31(10): 1076-1079
http://bhxb.buaa.edu.cn//CN/     ��     http://bhxb.buaa.edu.cn//CN/Y2005/V31/I10/1076
Copyright 2010 by �������պ����ѧѧ��