【摘要】 针对入侵容忍身份认证方案的安全性进行了详细分析,并用状态转移图描述了系统的安全行为。该方案的特点是基于Shamir秘密共享算法将用户密码分片后存储在多个认证服务器中,使得少数服务器受到入侵时仍能继续提供正确的认证服务,且在认证身份时不需要重构用户原来的密码数据,提高了认证系统的可用性、完整性和机密性。更多还原

【Abstract】 This paper gives a detailed analysis on the security of an authentication scheme with intrusion-tolerant feature.A state transition diagram is used to describe the security behavior of the system.The characteristics of the proposed scheme are that a user password is split to store in distributed shared servers by using Shamir′s secret sharing.Thus,valid authentication services are continuously available even though the minority of shared servers are compromised.Moreover,the original password data is not required to be constructed during authentication processes.Hence,the availability,integrity and confidentiality of authentication system will be enhanced by means of the present scheme.更多还原