首页 | 本学科首页   官方微博 | 高级检索  
     

基于相互认证和3DES加密的智能卡远程支付系统认证方案
引用本文:莫淦清,王国华. 基于相互认证和3DES加密的智能卡远程支付系统认证方案[J]. 计算机应用研究, 2016, 33(10)
作者姓名:莫淦清  王国华
作者单位:浙江金融职业学院,浙江工业大学
基金项目:国家自然科学(No.61100056);浙江省教育厅科研项目(No.Y201328857);浙江省教育厅高校访问工程师项目(No.FG2014081)。
摘    要:针对现有基于智能卡支付系统的安全方案存在密码暴露、信息泄露和身份认证等问题,提出一种新的基于相互认证和3DES加密的智能卡远程支付系统认证方案。分析基于二次剩余的支付认证方案的不足,在注册、登录、身份认证和密码更改阶段对其进行改进,避免密码暴露攻击,提高密码更改阶段的安全性,同时结合3DES加密算法对支付信息进行加密处理。性能分析表明,该方案能有效抵御多种攻击,且用户能够自由地修改密码,同时可对用户信息进行匿名保护。与现有智能卡支付认证方案相比,该方案提高了支付系统的安全性能且具有较小的计算复杂度。

关 键 词:智能卡远程支付  相互认证  抵御攻击  二次剩余  3DES加密
收稿时间:2015-09-17
修稿时间:2016-08-26

An authentication scheme for smart card remote payment system based on mutual authentication and information encryption
MO Gan-qing and WANG Guo-hua. An authentication scheme for smart card remote payment system based on mutual authentication and information encryption[J]. Application Research of Computers, 2016, 33(10)
Authors:MO Gan-qing and WANG Guo-hua
Affiliation:Department of Information Technology,Zhejiang Financial College,Hangzhou,Zhejiang,Zhejiang University of Technology
Abstract:For the issues that the existing smart card remote payment system security scheme existing password exposure, information leakage and authentication, this paper proposed an authentication scheme for smart card remote payment system based on mutual authentication and information encryption. It has analysed the defects of existing payment authentication scheme based on quadratic residue and improved those defects in registration, login, identity authentication and password change phase, to avoid attack of cryptographic exposure and improve the safety of password change phase. At the same time, it combined with 3DES encryption algorithm to encrypt the payment information. The performance analysis shows that the scheme can resist many kinds of attacks effectively, and allow the users to change their passwords freely, meanwhile, providing anonymous protection of user information. Compared with the existing smart card authentication scheme, this scheme has improved the security performance of card remote payment system and has a smaller computational complexity.
Keywords:Smart card remote payment   Mutual authentication   Defense attack   Quadratic residue   3DES encryption
点击此处可从《计算机应用研究》浏览原始摘要信息
点击此处可从《计算机应用研究》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号