《计算机应用研究》|Application Research of Computers

基于无证书加密短信验证码的移动支付方案

Mobile payment scheme based on certificateless encrypted short message verification code

免费全文下载 (已被下载 次)  
获取PDF全文
作者 柳毅,罗子强
机构 广东工业大学 计算机学院,广州 510006
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2020)07-043-2132-04
DOI 10.19734/j.issn.1001-3695.2019.01.0018
摘要 针对移动支付中验证码泄露问题,提出了一种基于无双线性对的无证书公钥加密短信验证码的移动支付系统方案。该方案引入了标记化思想,双因素认证,解决了移动端私钥存储泄露问题。利用无证书公钥密码签密验证码,即使密文被泄露,攻击者也无法得到真正的验证码,从而避免了验证码泄露的风险。分析结果表明,该方案可以有效抵御多种攻击,并能对用户信息进行隐私保护,是一种安全可靠的移动支付方案。
关键词 无证书公钥密码; 验证码; 移动支付; 签密
基金项目 国家自然科学基金资助项目(61572144)
广东省科技计划资助项目(2016B090918125)
本文URL http://www.arocmag.com/article/01-2020-07-043.html
英文标题 Mobile payment scheme based on certificateless encrypted short message verification code
作者英文名 Liu Yi, Luo Ziqiang
机构英文名 School of Computer,Guangdong University of Technology,Guangzhou 510006,China
英文摘要 To solve the problem of authentication code leakage in mobile payment, this paper proposed a scheme of mobile payment system based on certificateless public key cryptographic short message authentication code without bilinear pairings. The scheme introduced the idea of markup and two-factor authentication, which solved the problem of private key storage leakage in mobile terminals. Using certificateless public key cryptographic signcryption verification code, even if the ciphertext was leaked, the attacker could not get the real authentication code, thus avoiding the risk of authentication code leakage. The analysis results show that the scheme can effectively resist multiple attacks and protect the privacy of user information. It is a secure and reliable mobile payment scheme.
英文关键词 certificateless public key cryptography; authentication code; mobile payment; signcryption
参考文献 查看稿件参考文献
 
收稿日期 2019/1/9
修回日期 2019/3/5
页码 2132-2135
中图分类号 TP309.2
文献标志码 A