本文已被:浏览 1124次 下载 1977次
Received:August 27, 2014 Revised:October 08, 2014
Received:August 27, 2014 Revised:October 08, 2014
中文摘要: 针对Kerberos协议的弱点和安全性问题, 提出了一个基于混合加密机制的Kerberos改进方案, 目的是防范口令攻击和内部攻击. 给应用服务器和AS服务器分配公钥和私钥, 用户与服务器之间的会话密钥由DH密钥交换生成. 给出了改进后的Kerberos协议的六个步骤, 并对安全性进行分析. 分析结果表明, 新方案能够增强Kerberos协议的安全性, 而且比公钥加密机制高效.
中文关键词: 身份认证 Kerberos协议 口令攻击 内部攻击 Diffie-Hellman密钥交换协议
Abstract:Aiming at the vulnerability and security problem of Kerberos protocol, an enhanced scheme of Kerberos protocol based on hybrid cryptosystem is put forward. The aims of the improved scheme are able to defend the password attacks and the insider threads. Public keys and private keys are assigned to the application servers and the AS server, the session key between user and application server is generated by DH key exchanged algorithm. The improved Kerberos protocol is given by six steps and the security is analyzed. Analysis shows that the new scheme can enhance the security of Kerberos and is more efficient than Public key encryption mechanism.
keywords: user authentication Kerberos protocol password attack insider thread Diffie-Hellman key exchanged algorithm
文章编号: 中图分类号: 文献标志码:
基金项目:
引用文本:
庄小妹,唐西林.基于混合机制的Kerberos安全性增强方案.计算机系统应用,2015,24(5):257-260
ZHUANG Xiao-Mei,TANG Xi-Lin.Enhanced Security Scheme of Kerberos Protocol Based on Hybrid Cryptosystem.COMPUTER SYSTEMS APPLICATIONS,2015,24(5):257-260
庄小妹,唐西林.基于混合机制的Kerberos安全性增强方案.计算机系统应用,2015,24(5):257-260
ZHUANG Xiao-Mei,TANG Xi-Lin.Enhanced Security Scheme of Kerberos Protocol Based on Hybrid Cryptosystem.COMPUTER SYSTEMS APPLICATIONS,2015,24(5):257-260
