计算机科学

计算机科学 ›› 2024, Vol. 51 ›› Issue (1): 363-370.doi: 10.11896/jsjkx.230700090

• 信息安全 • 上一篇    

基于口令和智能卡的双因素身份认证与盲云存储方案

王怡, 胡学先, 魏江宏   

  1. 中国人民解放军战略支援部队信息工程大学 郑州450001
  • 收稿日期:2023-07-12 修回日期:2023-09-20 出版日期:2024-01-15 发布日期:2024-01-12
  • 通讯作者: 胡学先(xuexian_hu@hotmail.com)
  • 作者简介:(adapter202010@163.com)
  • 基金资助:
    国家自然科学基金(62172433,62172434);河南省自然科学基金(222300420099)

Two-factor Authentication Scheme for Blind Cloud Storage System Based on Password and SmartCard

WANG Yi, HU Xuexian, WEI Jianghong   

  1. PLA Strategic Support Force Information Engineering University,Zhengzhou 450001,China
  • Received:2023-07-12 Revised:2023-09-20 Online:2024-01-15 Published:2024-01-12
  • About author:WANG Yi,born in 1994,postgraduate.Her main research interests include password authentication and privacy protection.
    HU Xuexian,born in 1982,Ph.D,asso-ciate professor,Ph.D supervisor.His main research interests include big data security,applied cryptography and network security.
  • Supported by:
    National Natural Science Foundation of China(62172433,62172434) and Natural Science Foundation of Henan Province,China(222300420099).

PDF (PC)

3020

摘要: 面向大规模用户数据的存储需求,如何安全地使用云存储技术实现用户数据的远程存取,同时保证数据的可移植性和安全性是当前的一个研究热点。在2022年的USENIX Security会议上,Chen等针对用户仅拥有一个低熵口令的情形,提出了一种高效可移植的盲云存储方案,然而该方案不可避免地继承了口令难以抵抗在线字典攻击的弱点。为弥补单一口令认证方式带来的安全性缺陷,文中提出了一种基于口令和智能卡的双因素身份认证与盲云存储方案。安全性分析和仿真实验结果表明,该方案在保证良好的可移植性、可部署性和盲云存储特性的同时,实现了比纯口令方案更高的安全性,且具有相当的计算和通信效率。

关键词: 智能卡, 低熵口令, 身份认证, 双因素, 盲云存储

Abstract: Aiming at the demand for large-scale data storage,how to securely realize remote access to user data using cloud sto-rage technologies while retaining data portability and security is a research hotspot at present.In USENIX Security 2022,Chen et al.proposed an efficient and portable blind cloud storage scheme for the case where users just hold one low-entropy password.However,the scheme inevitably inherits the weakness of passwords unresistant to online dictionary attack.To compensate the security shortage of password-only authentication,this paper designs a two-factor authentication scheme for blind cloud storage system based on password and smart card.Experimental results show that the proposed scheme not only realizes portability,deployability and blind cloud storage,but also achieves a higher level of security over password-only authentication schemes with equivalently computation and communication efficiency.

Key words: Smart card, Low-entropy password, Identity authentication, Two-factor, Blind cloud storage

中图分类号: 

  • TP309.2
[1]CHEN L,LI Y N,TANG Q,et al.End-to-Same-End Encryption:Modularly Augmenting an App with an Efficient,Portable,and Blind Cloud Storage[C]//Proceedings of the 31st USENIX Security Symposium.Boston:USENIX Association,2022:2353-2370.
[2]WANG D,WANG P.On The Implications of Zipf’s Law inPasswords[C]//Computer Security-ESORICS 2016.Heraklion:Springer International Publishing,2016:111-131.
[3]CHANG C C,WU T C.Remote Password Authentication with Smart Cards[J].Computers and Digital Techniques,IEEE Proceedings,1991,138(3):165-168.
[4]WANG C,WANG D,XU G,et al.A Lightweight Password-Based Authentication Protocol Using Smart Card[J].International Journal of Communication Systems,2017,30(16):e3336.
[5]TURKANOVIĆ M,BRUMEN B,HÖLBL M.A Novel UserAuthentication and Key Agreement Scheme for Heterogeneous Ad Hoc Wireless Sensor Networks,Based on The Internet of Things Notion[J].Ad Hoc Networks,2014,20:96-112.
[6]CHANG C C,LE H D.A Provably Secure,Efficient,and Flexible Authentication Scheme for Ad Hoc Wireless Sensor Networks[J].IEEE Transactions on Wireless Communications,2016,15(1):357-366.
[7]WANG D,GU Q,CHENG H,et al.The Request for Better Measurement:A Comparative Evaluation of Two-Factor Authentication Schemes[C]//Proceedings of the 11th ACM on Asia Conference on Computer and Communications Security.Xi’an:ACM,2016:475-486.
[8]WANG D,HE D,WANG P,et al.Anonymous Two-Factor Authentication in Distributed Systems:Certain Goals Are Beyond Attainment[J].IEEE Transactions on Dependable and Secure Computing,2015,12(4):428-442.
[9]WANG D,WANG P.Two Birds with One Stone:Two-FactorAuthentication with Security Beyond Conventional Bound[J].IEEE Transactions on Dependable and Secure Computing,2018,15(4):708-722.
[10]WANG D,LI W,WANG P.Measuring Two-Factor Authentication Schemes for Real-Time Data Access in Industrial Wireless Sensor Networks[J].IEEE Transactions on Industrial Informa-tics,2018,14(9):4081-4092.
[11]WANG D,WANG P.On The Anonymity of Two-Factor Authentication Schemes for Wireless Sensor Networks:Attacks,Principle and Solutions[J].Computer Networks,2014,73:41-57.
[12]SRINIVAS J,DAS A K,KUMAR N,et al.Cloud Centric Authentication for Wearable Healthcare Monitoring System[J].IEEE Transactions on Dependable and Secure Computing,2020,17(5):942-956.
[13]LIU R,WANG X,WANG C.An Efficient Two-Factor Authentication Scheme Based on Negative Databases:Experiments and Extensions[J].Applied Soft Computing,2022,119:108558.
[14]FAN C I,CHAN Y C,ZHANG Z K.Robust Remote Authentication Scheme with Smart Cards[J].Computers & Security,2005,24(8):619-628.
[15]RAMASAMY R,MUNIYANDI A P.New Remote Mutual Authentication Scheme Using Smart Cards[J].Transactions on Data Privacy,2009,2:141-152.
[16]LEE Y C,HSIEH Y C,LEE P J,et al.Improvement of the ElGamal Based Remote Authentication Scheme Using Smart Cards[J].Journal of Applied Research and Technology,2014,12(6):1063-1072.
[17]GIRI D,MAITRA T,AMIN R,et al.An Efficient and Robust RSA-Based Remote User Authentication for Telecare Medical Information Systems[J].Journal of Medical Systems,2014,39(1):145.
[18]KUMARI A,JANGIRALA S,ABBASI M Y,et al.ESEAP:ECC Based Secure and Efficient Mutual Authentication Protocol Using Smart Card[J].Journal of Information Security and Applications,2020,51:102443.
[19]KUMARI A,ABBASI M Y,ALAM M.A Smartcard-Based Key Agreement Framework for Cloud Computing Using ECC[C]//2021 Third International Conference on Intelligent Communication Technologies and Virtual Mobile Networks(ICICV).Tirunelveli:IEEE,2021:43-48.
[20]SHOHAIMAY F,ISMAIL E S.Improved and Provably Secure ECC-Based Two-Factor Remote Authentication Scheme with Session Key Agreement[J].Mathematics,2023,11(1):5.
[21]XIE Q,WONG D S,WANG G,et al.Provably Secure Dynamic ID-Based Anonymous Two-Factor Authenticated Key Exchange Protocol with Extended Security Model[J].IEEE Transactions on Information Forensics and Security,2017,12(6):1382-1392.
[22]AMIN R,BISWAS G P.Design and Analysis of Bilinear Pairing Based Mutual Authentication and Key Agreement Protocol Usable in Multi-Server Environment[J].Wireless Personal Communications,2015,84(1):439.
[23]AMIN R,ISLAM S H,BISWAS G P,et al.A More Secure and Privacy-Aware Anonymous User Authentication Scheme for Distributed Mobile Cloud Computing Environments[J].Security and Communication Networks,2016,9(17):4650.
[24]SURESHKUMAR V,AMIN R,ANITHA R.An Enhanced Bilinear Pairing Based Authenticated Key Agreement Protocol for Multi-Server Environment[J].International Journal of Communication Systems,2017,30(17):e3358.
[25]SURESHKUMAR V,AMIN R,OBAIDAT M S,et al.An Enhanced Mutual Authentication and Key Establishment Protocol for TMIS Using Chaotic Map[J].Journal of Information Security and Applications,2020,53:102539.
[26]KUMAR A,OM H.An Enhanced and Provably Secure Authentication Protocol Using Chebyshev Chaotic Maps for Multi-Server Environment[J].Multimedia Tools and Applications,2021,80(9):14163-14189.
[27]KWON J O,JEONG I R,LEE D H.Three-Round Smart Card-Based Key Exchange Scheme[J].IEICE Transactions on Communications,2007,E90-B(11):3255-3258.
[28]YOON E J,YOO K Y.Enhanced Three-Round Smart Card-Based Key Exchange Protocol[C]//Autonomic and Trusted Computing.Berlin,Heidelberg:Springer,2008:507-515.
[29]YANG H,ZHANG Y,ZHOU Y,et al.Provably Secure Three-Party Authenticated Key Agreement Protocol Using Smart Cards[J].Computer Networks,2014,58:29-38.
[30]KATZ J,LINDELL Y.Introduction to Modern Cryptography[M].2nd ed.Boca Raton,US:CRC Press,2015:389-398.
[31]CRAMER R,SHOUP V.Design and Analysis of Practical Public-Key Encryption Schemes Secure Against Adaptive Chosen Ciphertext Attack[J].SIAM Journal on Computing,2003,33(1):167-226.
[32] ZHAO Z,FAN T,PENG T,et al.Key Encapsulation Mecha-nism from Lattice in Standard Model[J].Journal of Frontiers of Computer Science and Technology,2019,13(4):629-638.
[33]JARECKI S,LIU X.Fast Secure Computation of Set Intersection[C]//Security and Cryptography for Networks.Berlin,Heidelberg:Springer,2010:418-435.
[34]CHEN H,HUANG Z,LAINE K,et al.Labeled PSI from Fully Homomorphic Encryption with Malicious Security[C]//Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security(CCS ’18).Toronto:ACM,2018:1223-1237.
[35]CONG K,MORENO R C.Labeled PSI From Homomorphic Encryption with Reduced Computation and Communication[C]//Proceedings of the 2021 ACM SIGSAC Conference on Computer and Communications Security.Virtual Event:ACM,2021:1135-1150.
[36]FREEDMAN M J,ISHAI Y,PINKAS B,et al.Keyword Search and Oblivious Pseudorandom Functions[C]//Theory of Cryptography.Berlin,Heidelberg:Springer,2005:303-324.
[37]AMANDA C,DAVI R,DIEGO F A.Faster Unbalanced Private Set Intersection[J].Journal of Internet Services and Applications,2018,9(1):1-18.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发