After analyzing the shortage of applying USBKey in the process of PKI authentication and having studied some schemes including Lee-Chiu's,in this paper we propose an enhanced scheme of USBKey-based identity authentication. At the end through virtual circumstance the authentication algorithm is programmed for implementation. This scheme realizes mutual authentication with one-time pad,which can resist the replay attack, denial-of-service attack, chosen-ciphertext attack, password guessing attack, man-in-the-middle attack and forgery attack, so as to improve the security.%分析了USBKey应用于PKI认证过程中存在的不足,研究了Lee-Chiu等方案,给出基于USBKey的身份认证机制的增强方案,最后通过模拟环境对该认证算法进行编程实现.该方案实现"一次一密"的双向认证,能够抵御重放攻击、拒绝服务攻击、选择密文攻击、密钥猜测攻击、中间人攻击、假冒服务器攻击,增强了安全性.
展开▼