摘要： 基于口令的身份识别技术是分布式网络环境中使用最为广泛的一种技术，然而传统的口令识别技术容易受到字典攻击、重传攻击和拒绝服务攻击。针对Sandirigara等人提出的SAS协议，提出了一种简单有效的口令识别方案SEPA，该方案可以抵御字典攻击、重传攻击和服务器拒绝服务攻击，且计算负荷和通信负荷较小。

关键词: 口令识别, Hash函数, 一次口令, 安全

Abstract: The identity authentication mechanism based on password protection is widely used in distributed environments. However, the traditional authentication scheme using passwords is vulnerable to attacks like dictionary attack, replay attack and denial of service attack. Based on the SAS protocol proposed by Sandirigara et al, this paper presents a simple and efficient password authentication scheme that can resist dictionary, replay, denial of service attacks, and minimize the computation and communication overheads.

Key words: Password authentication, Hash function, One-time password, Security