| 基于智能卡的多服务器远程匿名认证密钥协商协议 |
| |
| 引用本文: | 李艳平,刘小雪,屈娟,鲁来凤.基于智能卡的多服务器远程匿名认证密钥协商协议[J].四川大学学报(工程科学版),2016,48(1):91-98. |
| |
| 作者姓名: | 李艳平 刘小雪 屈娟 鲁来凤 |
| |
| 作者单位: | 陕西师范大学,陕西师范大学数科院,重庆三峡学院,陕西师范大学数科院 |
| |
| 基金项目: | 面向移动终端跨域认证与密钥协商协议研究(61402275)无证书聚合签名技术及其在物联网中的应用研究(61402015) |
| |
| 摘 要: | 本文先对Xu等人近期提出的一个基于智能卡的动态身份用户认证(简称XJWM)方案进行分析,指出其不能抵抗冒充攻击和密钥泄露攻击,且不能实现前向安全和后向安全. 然后利用Diffie-Hellman密钥协商算法及生物认证技术,提出一个新的多服务器环境下多因子远程匿名认证密钥协商协议,有效弥补了XJWM方案存在的安全缺陷. 最后,用改进的BAN逻辑证明了新方案密钥协商的正确性、会话密钥机密性与新鲜性以及双向认证性.性能与安全性分析说明新方案在少量增加通信、存储和计算量的情况下具有好的安全性.
|
| 关 键 词: | 智能卡 Diffie-Hellman密钥协商 匿名认证 BAN逻辑 |
| 收稿时间: | 2015/9/22 0:00:00 |
| 修稿时间: | 2015/12/2 0:00:00 |
Multi-server anonymous remote authenticated key agreement protocol based on smart card |
| |
| Abstract: | Xu et al. recently proposed a dynamic ID based remote user authentication scheme using smart cards (short for XJWM scheme). We found that XJWM scheme is vulnerable to impersonation attacks and key leakage attacks, and it is also lack of perfect forward security and backward security. Based on Diffie-Hellman key agreement protocol and biometrical authentication technology, a new multi-server and multi-factor anonymous remote authenticated key agreement protocol is presented, which efficiently eliminates the security vulnerabilities of XJWM scheme. At last, the security of the new scheme is proved by the improved BAN logic. It shows that the new scheme can ensure the correctness of key agreement, key confidentiality, key freshness and mutual authentication. The results of security and performance analysis demonstrate the proposed scheme provides relatively more security features without increasing too much communication, computation and storage overhead. |
| |
| Keywords: | smart card Diffie-Hellman key agreement anonymous authentication BAN logic |
|
| 点击此处可从《四川大学学报(工程科学版)》浏览原始摘要信息 |
|
点击此处可从《四川大学学报(工程科学版)》下载全文 |
|
