计算机科学 ›› 2019, Vol. 46 ›› Issue (11A): 409-413.
杜浩瑞, 陈建华, 戚明平, 彭聪, 范青
DU Hao-rui, CHEN Jian-hua, QI Ming-ping, PENG Cong, FAN Qing
摘要: 设计安全、实用的多服务器下密钥协商协议是当前信息安全领域研究的热点。基于设计协议的一般准则,讨论了Wang等[15]设计的一个匿名的基于生物特征的多服务器的密钥认证协议方案,指出了该协议无法抵抗服务器假冒攻击、智能卡丢失攻击、会话密钥泄露攻击;同时该方法因用户匿名性失效易造成用户隐私泄露的问题,所以不适用于实际应用。为了弥补这些缺陷,文中给出了一种基于RSA密钥的改进协议。在注册阶段,RC和服务器共享不同的密钥、时间标记等来有效抵抗服务器假冒攻击和实现匿名性、不可追踪性等。在登录阶段,协议采用公钥技术来实现用户动态身份的登录和保证前向安全性等。在认证阶段,协议包括3次相互认证,并对消息做新鲜性检测等,实现相互认证以防止重放攻击等。最后,协议对可能存在的攻击进行安全分析和效率分析,证明了改进协议能抵抗丢失智能卡攻击、匿名性等攻击。同时,该协议尽量保持了简单的运算。
中图分类号:
[1]TSUAR W J.A flexible user authentication scheme for multi-server internet services[C]∥Proc.of the Int’l Conf.on Networking (ICN 2001).LNCS 2093,2001:174-183. [2]LI C T.Secure smart card based password authenticationscheme with user anonymity[J].Information Technology & Control,2011,40(40):157-162. [3]WU Z Y,CHANG D L,LIN T C,et al.A reliable dynamic user-remote password authentication scheme over insecure network[C]∥Processing of the 26th International Conference on Advanced Information Networking and Applications.Washington DC:IEEE Computer Society,2012:25-28. [4]LI X,MA J,WANG W D,et al.A novel smart card and dynamic ID based remote user authentication scheme for multi-server Environments[J].Mathematical & Computer Modelling,2013,58 (1/2):85-95. [5]CHEN B L,KUO W C,WU C L.Robust smart-card-based remote user password authentication scheme[J].International Journal of Communication Systems,2014,27(2):377-389. [6]KUMARI S,KHAN M K.More secure smart card-based remote user pass-word authentication scheme with user anonymity[J].Security & Communication Networks,2014,7(11):2039-2053. [7]XU L L.An improved and provable remote user authentication scheme based on elliptic curve cryptosystem with user anonymity[J].Security & Communication Networks,2015,8(2):245-260. [8]LIC T,H WANG.An efficient biometric-based remoteuser authentication scheme using smart cards [J].Journal of Net work and Computer Applications,2010,33(1):1-5. [9]YOON E J,YOO K Y.Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem[J].The Journal of Supercomputing,2013,63(1):235-255. [10]KIM H,JEON W,LEE K,et al.Cryptanalysis and improvement of a biometrics-based multi-server authentication with key agreement scheme[C]∥Proc.of the 12th Int’l Conf.on Computational Science and Its Applications (ICCSA 2012).IEEE,2012:391-406. [11]HE D B,WANG D.Robustbiometrics-based authenticationscheme for multi-serve environmental[J].IEEE Systems Journal,2005,9(3):816-823. [12]ODELU V,DAS A K,GOSWAMI A.Crytanalysis on robust bi-ometrics-based authentication scheme for multi-server environment [EB/OL].http://eprint.iacr.org/2014/715. [13]CHUANG M C,CHEN M C.An anonymous multi-server authenticated key agreement scheme based on trust computingsuingsmart cards and biometric [J].Expert Systems with Applications,2014,41(4):1411-1418. [14]MISHRA D,DAS A,MUKHOPADHYAY S.A secure user anonymity-preserving biometric-based multi-sever authenticated key agreement scheme using smart cards [J].Expert Systems with Applications,2014,41(18):8129-8143. [15]王瑞兵,陈建华,张媛媛.一个匿名的基于生物特征的多服务器的密钥认证协议方案的研究[J].计算机应用研究,2016,33(7):2190-2196. [16]CHAUDHRY S A.A secure biometric based based multi-server authentication scheme for social multimedia network [J].Multi-media Tools & Applications,2016,75(20):1-21. [17]XIA P Z,CHEN J H.Three-factor authentication scheme formulti-servers environments based on elliptic curve cryptography [J].Application Research of Computers,2017,34(10):3061-3067. [18]殷秋实,陈建华.多服务器环境下基于椭圆曲线密码的改进的身份认证协议[J].计算机科学,2018,45(6):111-116. [19]汪定,李文婷,王平.对三个多服务器环境下匿名认证协议的分析[J].软件学报,2018,29(7):1937-1952. [20]汪定,马春光,翁臣,等.一种适于受限资源环境的远程用户认证方案的分析与改进[J].电子与信息学报,2012,34(10):2520-2526. [21]WAN T,LIU Z X,MA J F.Authentication and key agreement protocol for multi-server architecture[J].Journal of Computer Research and Development,2016,53(11):2446-2453. [22]AMIN R.Cryptanalysis and efficient dynamic ID based remoteuser authentication scheme in multi-server environment ssing smart card[J].Int’l Journal of Network Security,2016,18(1):172-181. [23]REDDY A G,YOON E J,DAS A K,et al.Design of mutually authenticated key agreement protocol resistant to impersonation attacks for multi-server environment[J].IEEE Access,2017,5:3622-3639. |
[1] | 蹇奇芮, 陈泽茂, 武晓康. 面向无人机通信的认证和密钥协商协议 Authentication and Key Agreement Protocol for UAV Communication 计算机科学, 2022, 49(8): 306-313. https://doi.org/10.11896/jsjkx.220200098 |
[2] | 梁珍珍, 徐明. 基于海洋水声信道的密钥协商方案 Key Agreement Scheme Based on Ocean Acoustic Channel 计算机科学, 2022, 49(6): 356-362. https://doi.org/10.11896/jsjkx.210400097 |
[3] | 李利, 何欣, 韩志杰. 群智感知的隐私保护研究综述 Review of Privacy-preserving Mechanisms in Crowdsensing 计算机科学, 2022, 49(5): 303-310. https://doi.org/10.11896/jsjkx.210400077 |
[4] | 范家幸, 王志伟. 基于门限环签名的分级匿名表决方案 Hierarchical Anonymous Voting Scheme Based on Threshold Ring Signature 计算机科学, 2022, 49(1): 321-327. https://doi.org/10.11896/jsjkx.201000032 |
[5] | 王向宇, 杨挺. 智能合约定义路由目录服务器 Routing Directory Server Defined by Smart Contract 计算机科学, 2021, 48(6A): 504-508. https://doi.org/10.11896/jsjkx.200700210 |
[6] | 姜昊堃, 董学东, 张成. 改进的具有前向安全性的无证书代理盲签名方案 Improved Certificateless Proxy Blind Signature Scheme with Forward Security 计算机科学, 2021, 48(6A): 529-532. https://doi.org/10.11896/jsjkx.200700049 |
[7] | 宗思洁, 覃天, 贺龙兵. 面向IOT芯片的安全启动算法分析与应用 Analysis and Application of Secure Boot Algorithm Based on IOT Chip 计算机科学, 2021, 48(11A): 552-556. https://doi.org/10.11896/jsjkx.210300237 |
[8] | 符朕皓, 林定康, 姜皓晨, 颜嘉麒. 大零币匿名技术及追踪技术综述 Survey of Anonymous and Tracking Technology in Zerocash 计算机科学, 2021, 48(11): 62-71. https://doi.org/10.11896/jsjkx.210300025 |
[9] | 倪亮, 王念平, 谷威力, 张茜, 刘伎昭, 单芳芳. 基于格的抗量子认证密钥协商协议研究综述 Research on Lattice-based Quantum-resistant Authenticated Key Agreement Protocols:A Survey 计算机科学, 2020, 47(9): 293-303. https://doi.org/10.11896/jsjkx.200400138 |
[10] | 张王策, 范菁, 王渤茹, 倪旻. 面向缺损数据的(α,k)-匿名模型 (α,k)-anonymized Model for Missing Data 计算机科学, 2020, 47(6A): 395-399. https://doi.org/10.11896/JsJkx.190500131 |
[11] | 任仪. 基于区块链与人工智能的网络多服务器SIP信息加密系统设计 Design of Network Multi-server SIP Information Encryption System Based on Block Chain and Artificial Intelligence 计算机科学, 2020, 47(6A): 634-638. https://doi.org/10.11896/JsJkx.190600075 |
[12] | 李斌, 刘全. 基于最小二乘的双权重学习法 Double Weighted Learning Algorithm Based on Least Squares 计算机科学, 2020, 47(12): 210-217. https://doi.org/10.11896/jsjkx.191100084 |
[13] | 秦艳琳, 吴晓平, 胡卫. 多重PKG环境中高效的身份基认证密钥协商协议 Efficient Identity-based Authenticated Key Agreement Protocol with Multiple Private Key Generators 计算机科学, 2020, 47(11): 68-72. https://doi.org/10.11896/jsjkx.191000008 |
[14] | 罗鹏宇, 吴乐, 吕扬, 袁堃平, 洪日昌. 基于时序推理的分层会话感知推荐模型 Temporal Reasoning Based Hierarchical Session Perception Recommendation Model 计算机科学, 2020, 47(11): 73-79. https://doi.org/10.11896/jsjkx.200700088 |
[15] | 程庆丰, 李钰汀, 李兴华, 姜奇. 面向边缘计算环境的密码技术研究综述 Research on Application of Cryptography Technology for Edge Computing Environment 计算机科学, 2020, 47(11): 10-18. https://doi.org/10.11896/jsjkx.200500003 |
|