摘要: 基于对称密钥的认证协议需要通信双方拥有共同的密钥,共享密钥的更新存在安全问题。针对上述问题,提出一个以数字信封技术注册图像口令的图像口令认证方案,利用基于身份加密算法的密钥分配协议解决共享密钥的更新问题,采用动态图像序列的登录方式抵抗肩窥攻击,且用户可以自由选择图像口令。理论分析结果证明,该方案可以抵抗重放攻击等常规攻击,并节省通信带宽。
关键词:
图像口令,
数字信封,
基于身份加密,
密钥更新
Abstract: Authentication protocol based on the symmetric key demands the both communicators share the same key, and there is safety problem in the updating of the shared key. In order to solve the problems, this paper proposes a scheme which can register the graphical passwords with digital envelope. It resolves the key update with key establishment based on Identity-Based Encryption(IBE), and resists shoulder surfing adopting dynamic graphical sequence. Users can choose graphical passwords freely. Analysis result proves that the scheme can resist common attacks like replay attack effectively, and its communication cost is reduced.
Key words:
graphical password,
digital envelope,
Identity-Based Encryption(IBE),
key update
中图分类号:
章启恒, 唐西林. 基于身份加密的图像口令认证方案[J]. 计算机工程, 2011, 37(6): 138-140.
ZHANG Qi-Heng, TANG Xi-Lin. Graphical Password Authentication Scheme with Identity-Based Encryption[J]. Computer Engineering, 2011, 37(6): 138-140.