摘要: 基于修复了延展性缺陷的NTRUSign算法,给出了一个使用智能卡的远程用户认证方案。该方案的安全性是基于单向Hash函数和在有限时间在大维数格计算最短向量的困难性。该方案包括4个阶段:注册阶段,登陆阶段,认证阶段和更改口令阶段。允许用户自主选择并更改口令,实现了双向认证;能够抵御中间人攻击,抗DoS攻击,具备前向安全性、强安全修复性和“黑名单”拒绝服务机制。是一个低开销、强安全性的方案。
关键词:
身份认证,
口令,
智能卡,
NTRUSign,
延展性
Abstract: 】A new remote user authentication scheme using smart cards and a NTRUSign signature scheme against Malleability weak are proposed. The security of the scheme relies on Hash function and the fact that for most lattices, it is very difficult to find extremely short vectors. The scheme has four phases: registration phase, login phase, authentication phase and password change phase. Furthermore, the scheme has many merits: it let users freely choose and change password at their own will; it provides mutual authentication between two entities; it has more lower computational costs; it resists man-in-middle attack and denial of service attack. In addition, it has forward security and strong security reparability, as well as black list eviction mechanism. In a word, the proposed scheme is a better scheme with lower cost and strong security.
Key words:
authentication,
password,
smart cards,
NTRUSign,
malleability
中图分类号:
张利华;朱成九;郭 强;范晓红;吕善伟. 基于MYK-NTRUSign签名的用户认证方案[J]. 计算机工程, 2007, 33(13): 179-181,.
ZHANG Lihua; ZHU Chengjiu; GUO Qiang; FAN Xiaohong; LV Shanwei. MYK-NTRUSign Signature Based User Authentication Scheme[J]. Computer Engineering, 2007, 33(13): 179-181,.