《计算机应用研究》|Application Research of Computers

更安全的匿名三因子多服务器身份认证协议研究

Research on security-enhanced three-factor multi-server authentication scheme with anonymity

免费全文下载 (已被下载 次)  
获取PDF全文
作者 李晓天,陈建华
机构 武汉大学 数学与统计学院,武汉 430072
统计 摘要被查看 次,已被下载
文章编号 1001-3695(2020)09-044-2781-08
DOI 10.19734/j.issn.1001-3695.2019.03.0034
摘要 多服务器架构下的身份认证协议是远程认证的关键,但许多现有方案都存在潜在的攻击,未实现三因子安全性,忽略了匿名性。因此,需要指出其中的错误,并提出一个匿名的三因子方案。通过攻击者模型,攻击了温翔等人的方案,检验了新方案;使用椭圆曲线密码,保障认证阶段的核心安全性;使用模糊提取器与验证器,保护生物特征与口令;经与同类协议比较,分析了新协议的优势。分析表明,温翔等人的方案不能抵抗服务器仿冒用户,不具匿名性等。而新协议能有效防范智能卡丢失攻击、仿冒攻击等更多样的攻击,实现了匿名性、前向安全性等更全面的功能,计算效率也比前人提高了约14.8%。因此,可以应用于对安全性、可靠性要求较高的多服务器认证网络。
关键词 身份认证; 多服务器; 匿名性; 生物特征值; 椭圆曲线
基金项目
本文URL http://www.arocmag.com/article/01-2020-09-044.html
英文标题 Research on security-enhanced three-factor multi-server authentication scheme with anonymity
作者英文名 Li Xiaotian, Chen Jianhua
机构英文名 School of Mathematics & Statistics,Wuhan University,Wuhan 430072,China
英文摘要 Multi-server authentication protocols are pivotal to remote authentication. However, many existing solutions suffer potential attacks, lack three-factor security, and ignore anonymity. Therefore, this paper pointed out the defects and proposed an anonymous three-factor scheme. Through the attacker model, it attacked the scheme of Wen Xiang et al. and examined the new one. It guaranteed the core security of authentication using elliptic curve cryptography. The use of fuzzy extractor and verifier protected biometrics and passwords. It analyzed the new scheme's advantages over previous schemes. Analysis shows that the former scheme is susceptible to user impersonation attack, and is not anonymous. The new protocol can prevent more attacks such as smart-card loss attack, impersonation attack, etc., and provide more functions such as anonymity and forward security. Its computational efficiency is 14.8% higher than the predecessors. Therefore, it can be applied to a multi-server authentication network that requires high security and reliability.
英文关键词 authentication; multi-server; anonymity; biometrics; elliptic curve
参考文献 查看稿件参考文献
 
收稿日期 2019/3/1
修回日期 2019/4/30
页码 2781-2788
中图分类号 TP309.2
文献标志码 A