摘要
针对基于动态身份远程用户认证,可有效防止用户关键信息泄露,保证已认证用户通过授权获取网络服务。针对Wen—Li提出的基于动态身份远程用户认证与密钥协商方案进行安全性分析,指出该方案存在安全缺陷,可能导致泄露用户部分关键信息,进而遭受网络攻击。在保留Wen—Li方案优点基础上提出一种改进的远程用户认证方案,重新设计了认证过程中的会话密钥和密钥确认消息,与Wen—Li方案相比,改进方案能够抵御中间人攻击以及盗窃智能卡攻击,并增强了方案的前向安全性。
The dynamic identity based remote user authentication, which can effectively prevent the user key information leakage, ensures the authenticated user access to network services through the authorization. Aiming at dynamic identity remote user authentication and key agreement scheme based on security analysis proposed by Wen-Li, the authors point out that this scheme has security flaws, may lead to the disclosure of user key information and attacks from the internet. We propose a remote user authentication scheme improved in the retention of Wen-Li scheme based on advantages, the redesign of the session key and key authentication process confirmation. Compared with Wen-Li scheme, the improved scheme can resist man - in - the - middle attacks and stolen smart card attacks, enhancing the scheme with forward security.
出处
《重庆通信业》
2014年第6期48-52,共5页
Chongqing Communication
关键词
动态身份
用户认证
密钥交换
中间人攻击
智能卡攻击
dynamic identity, user authentication, key exchange, man-in-the-middle attack, smart card attack
