attacker it is easy to guess the key. If the key is very long
(128, 192, or 256 bits, for example, in AES algorithm [2]),
then it is very difficult to memorize the key by a user. As a
consequence, user should store it in a smart card or hardware
token which can be misplaced or stolen out by an
attacker. Moreover, the token or smart card is protected
by password-based authentication mechanism to control
the access of cryptographic key. Nevertheless, password
can be forgotten or guessed by social engineering [3] and
dictionary attack [4]. Both knowledge-based (e.g., password)
and possession based (e.g., token) authentication
systems are unable to assure non-repudiation property in
traditional cryptography.
attacker it is easy to guess the key. If the key is very long(128, 192, or 256 bits, for example, in AES algorithm [2]),then it is very difficult to memorize the key by a user. As aconsequence, user should store it in a smart card or hardwaretoken which can be misplaced or stolen out by anattacker. Moreover, the token or smart card is protectedby password-based authentication mechanism to controlthe access of cryptographic key. Nevertheless, passwordcan be forgotten or guessed by social engineering [3] anddictionary attack [4]. Both knowledge-based (e.g., password)and possession based (e.g., token) authenticationsystems are unable to assure non-repudiation property intraditional cryptography.
การแปล กรุณารอสักครู่..