[an error occurred while processing this directive]
���¿��ټ��� �߼�����
   ��ҳ  �ڿ�����  ��ί��  Ͷ��ָ��  �ڿ�����  ��������  �� �� ��  ��ϵ����
�������պ����ѧѧ�� 2008, Vol. 34 Issue (09) :1037-1040    DOI:
���� ����Ŀ¼ | ����Ŀ¼ | ������� | �߼����� << | >>
�������պ����ѧ ������Ϣ����ѧԺ, ���� 100191
Improvement of remote user authentication schemes using passwords
Hu Ronglei, Liu Jianwei, Zhang Qishan*
School of Electronics and Information Engineering, Beijing University of Aeronautics and Astronautics, Beijing 100191, China

Download: PDF (0KB)   HTML 1KB   Export: BibTeX or EndNote (RIS)      Supporting Info
ժҪ ������֤��Զ�������֤����Ҫ�ķ���.������һ�ֻ���hash����ǿͼ�ο���Զ����֤����,ָ���÷������ֿܵ�У��ֵ��ʧ����:���������ÿ���У��ֵ���Լ�ð������,��ƭ�Ϸ��û�������֤��Ϣ,���ɵ�¼��Ϣ��ð�û���¼,��ͨ����֤�����Ȩ,������֪���û�����.���������ܿ���Ӧ��,���һ�ָĽ�����.���ܿ������洢��������֤��Ϣ,ʵ�����û��ͷ�������˫����֤,�����߲���ð����������û����κ�һ��,���ҹ����ߴӽػ����Ϣ�в��ܻ�����õ��û���֤��Ϣ.�Ľ�����������ԭ�����ֿ��طš��ܾ����񡢿���²⡢α�졢�����ļ���ʧ�Լ��ڲ��������ص�,���ܹ��ֿ�У��ֵ��ʧ�����ܿ���ʧ����,���и��õİ�ȫ��.
Email Alert
�ؼ����� ����   ��֤   У��ֵ��ʧ����   ���ܿ�     
Abstract�� Password authentication scheme is a promising and practical solution to remote user authentication. The security of an authentication scheme using strong graphical passwords basing on hash function was analyzed. The scheme can not resist to stolen-verifier attack. The adversary can pretend to be a server to cheat a legal user to send him authentication message, and then it masquerades as a legal user by creating a valid login message, passes the authentication phase and gains the authority of a legitimate user without knowing user password. An enhanced scheme was proposed in which smart card is used for storing server authentication message. The server and user can authenticate each other. The adversary can personate neither server nor user and can not get useful login message from eavesdropped communication. The enhanced scheme can withstand replay attack, denial-of-service attack, password-guessing attack, forgery attack, password-file compromise attack and inside attack as the former scheme. It can also withstand stolen-verifier attack and smart card loss attack.
Keywords�� password   authentication   stolen-verifier attack   smart cards     
Received 2007-08-27;


About author: ������(1977-),��,�ӱ���ˮ��,��ʿ��,huronglei@sohu.com.
������,����ΰ,������.��һ��Զ���û�������֤�����ĸĽ�[J]  �������պ����ѧѧ��, 2008,V34(09): 1037-1040
Hu Ronglei, Liu Jianwei, Zhang Qishan.Improvement of remote user authentication schemes using passwords[J]  JOURNAL OF BEIJING UNIVERSITY OF AERONAUTICS AND A, 2008,V34(09): 1037-1040
http://bhxb.buaa.edu.cn//CN/     ��     http://bhxb.buaa.edu.cn//CN/Y2008/V34/I09/1037
Copyright 2010 by �������պ����ѧѧ��