Title of invention: System and method for providing identity hiding in a shared key authentication protocol
Abstract: A system and method is provided for hiding an initiator's identity (ID), e.g. a ClientID, in a shared key authentication protocol, using authentication based on a hint of the ID. The hint is a function of the ID which cannot be readily inverted to produce the initiator's identity, for example, a hash function over the ID, such as a modular N sum hash of the initiator's identity where N corresponds to N hash buckets in a shared key database; a cryptographic hash over the ID and a corresponding shared key; or a function of the ID which cannot be readily inverted to produce the initiator's identity and a pair of MAC values wherein the MAC values are compared to find a shared key. The resulting hash may be reduced to a required number of bits for identification of a hash bucket in the database. The system and method thereby provide a computationally efficient method of protecting, or hiding, a client ID in a client-server system for shared-key authentication, which avoids the requirement of known systems to send the client ID in clear text early in the message exchange, which leaves known shared-key protocols open to passive and active identity disclosure attacks.
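Publication number: US7752444(B2) Publication date: 2010.07.06
Application number: US20050314403 Application date: 2005.12.21
Applicant: NORTEL NETWORKS LIMITED Inventor: LEECH MARCUS
Classification: H04L9/00 Main classification: H04L9/00
Agency: Agent:
Principal claim:
Address: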
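The bucket lookup described in the abstract, as an added Python sketch that is not code from the patent: the client sends only a modular N sum hash of its ID, and the server compares MAC values over the keys in that one bucket to find the shared key. Assumed here and not stated in the record: N = 16, HMAC-SHA256 as the MAC, a client-chosen nonce, and the hypothetical names `sum_hint`, `client_hello` and `Server`.

```python
import hashlib
import hmac
import os

N_BUCKETS = 16  # assumed value; the abstract only says "N hash buckets"

def sum_hint(client_id: bytes, n: int = N_BUCKETS) -> int:
    """Modular-N sum hash of the ID. Many IDs share each hint value,
    so an eavesdropper cannot invert it to a single identity."""
    return sum(client_id) % n

def client_hello(client_id: bytes, key: bytes, n: int = N_BUCKETS):
    """First message: hint, nonce, MAC. The ID itself is never sent.
    A client-chosen nonce alone does not stop replay; this sketch
    only covers the lookup step, not a full handshake."""
    nonce = os.urandom(16)
    tag = hmac.new(key, nonce, hashlib.sha256).digest()
    return sum_hint(client_id, n), nonce, tag

class Server:
    """Shared-key database partitioned into N buckets by hint (assumed layout)."""

    def __init__(self, n: int = N_BUCKETS):
        self.n = n
        self.buckets = {i: [] for i in range(n)}

    def enroll(self, client_id: bytes, key: bytes) -> None:
        self.buckets[sum_hint(client_id, self.n)].append((client_id, key))

    def identify(self, hint: int, nonce: bytes, tag: bytes):
        """Return the ID whose key reproduces `tag`, or None.
        Only the hinted bucket is searched, and every entry in it is
        checked so timing does not reveal the position of the match."""
        if not isinstance(hint, int) or not 0 <= hint < self.n:
            return None
        match = None
        for client_id, key in self.buckets[hint]:
            expected = hmac.new(key, nonce, hashlib.sha256).digest()
            if hmac.compare_digest(expected, tag):
                match = client_id
        return match

def demo():
    # Constructed sample data: b"ab" and b"ba" collide in the same bucket.
    server = Server()
    k1, k2 = os.urandom(32), os.urandom(32)
    server.enroll(b"ab", k1)
    server.enroll(b"ba", k2)
    return server.identify(*client_hello(b"ba", k2))
```

The bucket size sets the trade-off: more IDs per bucket hide the client better but cost the server more MAC computations per authentication attempt.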