改进了Hwang-Yeh方案.提出了一种新的匿名口令认证方案。新方案采用匿名和隐藏口令等方式,弥补了Hwang—Yeh方案的安全缺陷.能抵抗更多的安全攻击,如服务器欺骗、伪造攻击等。新方案与Hwang—Yeh方案、Peyravian Zunic方案以及Peyravian—Jeffries方案进行了安全性比较分析。结果表明,在不安全网络通信中,新口令认证方案具有更高的安全性和实用性。
A new improved password authentication scheme is proposed, which is user anonymity, can fix the Hwang-Yeh's scheme and provide more other security properties such as server spoofing attacks, forge attacks, etc. According to security properties comparisons a- mong Peyravian-Zunic's scheme, Hwang-Yeh's scheme, Peyravian-Jeffries scheme, and our proposed scheme, the proposed scheme is more secure and practical over insecure network.