计算机工程 ›› 2008, Vol. 34 ›› Issue (14): 161-162.doi: 10.3969/j.issn.1000-3428.2008.14.057

• 安全技术 • 上一篇    下一篇

无线局域网中使用OTP的身份认证方案

韩 平,朱艳琴,罗喜召   

  1. (苏州大学计算机科学与技术学院,苏州 215006)
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2008-07-20 发布日期:2008-07-20

Identity Authentication Scheme Using OTP in Wireless LAN

HAN Ping, ZHU Yan-qin, LUO Xi-zhao   

  1. (School of Computer Science and Technology, Soochow University, Suzhou 215006)
  • Received:1900-01-01 Revised:1900-01-01 Online:2008-07-20 Published:2008-07-20

摘要: 分析无线局域网环境下使用一次性口令的身份认证方案。指出该方案的缺陷,在不增加无线终端计算复杂度的前提下,对原方案进行改进。提出一种抗中间人攻击、抗基于重放消息的合谋攻击以及抗DOS攻击的认证方案,有效地避免原方案的不足,具有更高安 全性。

关键词: 一次性口令, 身份认证, 中间人攻击, DoS攻击

Abstract: This paper analyzes the identity authentication scheme using One-Time Password(OTP) for 802.11 wireless LAN, points out a design insufficiency in this scheme, and demonstrates three kinds of attack. In addition, an improved scheme without additional computational complication which can resist the man-in-middle attack, conspiracy attack and Denial-of-Service(DoS) attack is proposed. So the developed scheme is provided to avoid design insufficiency and has higher security compared with the original scheme.

Key words: One-Time Password(OTP), identity authentication, man-in-middle attack, Denial-of-Service(DoS) attack

中图分类号: