Abstract: This paper analyzes some defects of the traditional S/KEY One-Time Password(OTP) authorization system, and proposes a new S/KEY authorization solution. Mutual authorization between clients and the server and session key agreement is carried out, and new session key is produced in each authorization. The new S/KEY solution can effectively resist replay attacks, small integer attacks, protocol-broken attacks and personate attacks, and especially has some effects against the man-in-the-middle attacks.

Key words: One-Time Password(OTP), identity authorization, S/KEY authorization

摘要： 分析传统S/KEY型一次性口令认证系统的缺陷，提出一种新型的S/KEY认证方案，实现客户端与服务器的双向认证，可进行会话密钥协商，且每次认证产生不同的会话密钥。该方案可有效抵御重放攻击、小数攻击、破坏协议攻击和冒充攻击，对中间人攻击也有较强的防御作用。

关键词: 一次性口令, 身份认证, S/KEY认证

CLC Number: 

• TP393