Abstract: USB device can be used as a USB security key. When it is used as an identity token in an network Identity(ID) authentication system, adopting the correspondence of the USB security key is more safe than having no adoptive correspondence. By introducing the concept of N-dimensional security key and combining a two-way USB security key authentication protocol, this paper proposes an improved PGP e-mail system. Making use of the USB security key to carry on an identity attestation and manage with airtight key while carrying out safety correspondence, this system does not need the help of trusted third party. Experimental result shows that the system resists man-in-the-middle attack and interleaving attack.

Key words: encryption, USB security key, Identity(ID) authentication

摘要： USB安全锁是网络身份认证系统中常用的信息载体，具有较高的可靠性。该文引入N分法密钥概念，结合USB安全锁的认证协议，提出一种改进的PGP电子邮件系统。在安全通信时，利用USB安全锁进行身份认证和密钥管理，无须可信第三方的介入。实验结果证明，该系统可以有效地抵抗重放攻击和中间人攻击。

关键词: 加密, USB安全锁, 身份认证

CLC Number: 

• TP309.7