| 基于动态ID的多服务器认证密钥协商方案 |
| |
| 引用本文: | 昝亚洲,;刘文芬,;魏江宏. 基于动态ID的多服务器认证密钥协商方案[J]. 信息工程大学学报, 2014, 0(6): 654-663 |
| |
| 作者姓名: | 昝亚洲, 刘文芬, 魏江宏 |
| |
| 作者单位: | [1]信息工程大学,河南郑州450001; [2]数学工程与先进计算国家重点实验室,河南郑州450001; [3]92187部队,山西长治046011 |
| |
| 基金项目: | 国家973计划资助项目(2012CB315905,2012CB315901) |
| |
| 摘 要: | 讨论了Chuang等人最近提出的一个基于可信计算的匿名多服务器认证密钥协商方案,指出其不能抵抗内部攻击,且在生物验证上存在Hash函数问题.通过引入椭圆曲线公钥密码和对称加密算法,提出了一个新方案并对其进行分析.分析结果表明,新方案弥补了原方案的不足,且具有较高的效率.最后,用一种改进的BAN逻辑证明了新方案满足密钥协商的正确性、密钥机密性和强认证性.
|
| 关 键 词: | 身份认证 多服务器 智能卡 椭圆曲线密码 BAN逻辑 |
Negotiation Scheme of Multi-Server Authenticating Key Based on Dynamic ID |
| |
| Affiliation: | ZAN Ya-zhou, LIU Wen-fen , WEI Jiang-hong ( 1. Information Engineering University, Zhengzhou 450001, China; 2. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China; 3. Unit 92187, Changzhi 046011. China) |
| |
| Abstract: | Recently Chuang et al. proposed an anonymous multi-server authenticating key negotia- tion scheme based on trust computing using smart cards and biometrics. However, it is found that their scheme is vulnerable to insider attacks, and it has the Hash function problem in the biometric verification. Therefore, this paper presents an improved scheme by introducing the elliptic curve key cryptography and symmetrical encryption. Security and performance analysis indicate that the new scheme eliminates the defects of Chuang et al. ' s scheme while keeping the high performance. Be- sides, the security of the improved scheme is proved by using the formal analysis method of an im- proved BAN logic. The results show that the improved scheme can ensure the correctness of key a- greement, key confidentiality and strong authentication. |
| |
| Keywords: | authentication aynamic identity multi-server smart card elliptic curve cryptography BAN logic |
| 本文献已被 维普 等数据库收录! |
|
