摘要
Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: (1) it can resist all the attacks listed in introduction; (2) less storage memory requirement due to no verification table stored in server; (3) low computational cost due to hash functions based operations; (4) even if the smart card is lost, the new system is still secure; (5) As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.
Thirteen security requirements for an ideal password authentication scheme using smart cards are listed and a new smart card based password authentication scheme with identity anonymity is proposed. The new scheme can satisfy all the listed ideal security requirements and has the following merits: (1) it can resist all the attacks listed in introduction; (2) less storage memory requirement due to no verification table stored in server; (3) low computational cost due to hash functions based operations; (4) even if the smart card is lost, the new system is still secure; (5) As user identity is anonymous, this scheme is more practical. The new proposed scheme can be applied in source constraint networks.
作者
WANG Bangju1,2, WANG Yuhua3, ZHANG Huanguo1 1. School of Computer, Wuhan University/Key Laboratory of Aerospace Information Security and Trust Computing of Ministry of Education, Wuhan 430072, Hubei, China
2. School of Science, Huazhong Agricultural University, Wuhan 430070, Hubei, China
3. College of Information Science and Engineering, Henan University of Technology
Zhengzhou 450001, Henan, China
基金
Supported by the National Natural Science Foundation of China (60373087, 60473023).
