摘要: 分析无线局域网环境下使用一次性口令的身份认证方案。指出该方案的缺陷,在不增加无线终端计算复杂度的前提下,对原方案进行改进。提出一种抗中间人攻击、抗基于重放消息的合谋攻击以及抗DOS攻击的认证方案,有效地避免原方案的不足,具有更高安 全性。
关键词:
一次性口令,
身份认证,
中间人攻击,
DoS攻击
Abstract: This paper analyzes the identity authentication scheme using One-Time Password(OTP) for 802.11 wireless LAN, points out a design insufficiency in this scheme, and demonstrates three kinds of attack. In addition, an improved scheme without additional computational complication which can resist the man-in-middle attack, conspiracy attack and Denial-of-Service(DoS) attack is proposed. So the developed scheme is provided to avoid design insufficiency and has higher security compared with the original scheme.
Key words:
One-Time Password(OTP),
identity authentication,
man-in-middle attack,
Denial-of-Service(DoS) attack
中图分类号:
韩 平;朱艳琴;罗喜召. 无线局域网中使用OTP的身份认证方案[J]. 计算机工程, 2008, 34(14): 161-162.
HAN Ping; ZHU Yan-qin; LUO Xi-zhao. Identity Authentication Scheme Using OTP in Wireless LAN[J]. Computer Engineering, 2008, 34(14): 161-162.