期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

基于Fuzzy Vault的身份认证 被引量:1

Identity Authentication Based on Fuzzy Vault
原文传递
导出
摘要 针对身份认证中可能出现的数字身份被冒用问题,提出了一种强双因子身份认证方案,将生成的数字证书及私钥存储于用户智能卡中,再使用fuzzy vault保护智能卡的PIN。通过组合2种不同条件来证明一个人的身份,安全性有了明显提高。同时为了减轻智能卡的计算负担,引入秘密共享思想,当且仅当用户智能卡和指纹服务器中信息都可得时,才释放其中绑定的智能卡PIN。该方案进一步完善了PKI的安全认证,适用于高端用户或有特殊需要的高安全度客户的身份认证。 A scheme named strong two-factor authentication was proposed,to resolve the possible issues of digital identity illegally used by attackers.We stored the generated digital certificate and its private key in a smartcard and protected the PIN of the smartcard by fuzzy vault.The security was improved obviously through combining two kinds of factors to prove one's identity.Meanwhile in order to relieve the computational burden of the smartcard,we imported secret sharing.Only when both the information of the smartcard and the fingerprint server are acquired,would the binding PIN of the smartcard be released.This scheme further perfects the authentication of PKI and is suitable for the authentication of high-end users or high safety customers with special requirements.
作者 李芬 刘泉 庞辽军 裴庆祺
机构地区 武汉理工大学信息工程学院 西安电子科技大学生命科学技术学院 西安电子科技大学国际教育学院
出处 《武汉理工大学学报》 CAS CSCD 北大核心 2011年第3期161-164,共4页 Journal of Wuhan University of Technology
基金 国家高技术研究发展计划(863计划)(2008AA01Z411 2009AA01Z440) 国家自然科学基金(60803150 60803151) 湖北省自然科学基金重点项目(2008CDA020) 国家自然科学基金委员会-广东联合基金重点项目(U0835004)
关键词 模糊保险箱 数字证书 私钥 身份认证 智能卡 fuzzy vault digital certificate private key identity authentication smartcard
分类号 TP309 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献12

  • 1田捷,李亮,杨鑫.Fingerprint-Based Identity Authentication and Digital Media Protection in Network Environment[J].Journal of Computer Science & Technology,2006,21(5):861-870. 被引量:6
  • 2Khan M K, Alghathbar K. Cryptanalysis and Security Improvements of 'Two-factor User Authentication in Wireless Sensor Networks' [J]. Sensors, 2010, 10(3): 2450-2459.
  • 3王斌,李建华.基于智能卡的动态身份认证机制[J].通信学报,2003,24(8):117-121. 被引量:5
  • 4Ronggong Song. Advanced Smart Card-based Password Authentication Protocol [J]. Comput Stand Interfaces, 2010, 32 (5) : 321-325.
  • 5王邦菊,张焕国,王玉华.安全的非智能卡匿名口令认证方案[J].通信学报,2008,29(10):70-75. 被引量:2
  • 6Nandakumar K, Jain A, Pankanti S. Fingerprint-based Fuzzy Vault: Implementation and Performance [J]. IEEE Trans- actions on Information Forensics and Security, 2007, 2(4):744-757.
  • 7Choi Hanna, Choi Woo-yong, Moon Daesung, et al. Smartcard-based Secret Sharing for Secure Fingerprint Verification [C]//Proceedings of the 2009 Fourth International Conference on Embedded and Multimedia Computing (EM-Com 2009). Jeju: EM-COM, 2009..1-6.
  • 8Chen Chin-Ling. A Secure and Traceable E-DRM System Based on Mobile Device [J]. Expert Systems with Applications, 2008, 35(3): 878-886.
  • 9张茹,杨榆,张啸.数字版权管理[M].北京:人民邮电出版社,2008.
  • 10庞辽军.秘密共享技术及其应用[D].西安:西安电子科技大学,2006.

二级参考文献68

  • 1LAMPORT L. Password authentication with insecure communication[J]. Communications of the ACM, 1981, 24: 770-772.
  • 2PEYRAVIAN M, ZUNIC N. Methods for protecting password transmission[J]. Computer & Security, 2000, 19 (5): 466-469.
  • 3HWANG J J, YEH T C. Improvement on peyravian-Zunic's password authentication schemes[J]. IEICE Transactions on Communications, 2002,85 (4): 823-825.
  • 4PEYRAVIAN M, JEFFRIES C. Secure remote user access over insecure networks[J]. Computer Communications, 2006, 29(5-6): 660-667.
  • 5KU W C, CHEN C M, HUI L. Cryptanalysis of a variant of ieyravian-zunic's password authentication scheme[J]. IEICE Transaction on Communications, 2003, E86-B (5): 1682-1684.
  • 6TSENG Y M, JAN J K, CHIEN H Y. On the security of methods for protecting password transmission[J]. Informatica, 2001, 12(3): 469477.
  • 7CHUN L L, HWANG T L. A password authentication scheme with secure password updating[J]. Computers & Security, 2003, 22(1): 68-72.
  • 8CHANG Y F, CHANG C C, LILT Y L. Password authentication with-out the server public key[J]. IEICE Transaction on Communications. 2004, 87 (10): 3088-3091.
  • 9YOON E J, RYU E K, YOO K Y. A secure user authentication scheme using hash functions[J]. ACM Operating Systems Review, 2004, 38(2): 62-68.
  • 10KU W C, CHIANG M H, CHANG S T. Weaknesses of Yoon-Ryu- Yoo's hash-based password authentication scheme[J]. ACM Operating Systems Review, 2005, 39(1): 85-89.

共引文献10

同被引文献8

引证文献1

武汉理工大学学报
2011年 第3期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部