无线网络中可证安全的移动用户密钥交换协议

Provable Security Mobile User Key Exchange Protocol for Wireless Communications

无线网络中的无缝漫游对于用户来说是非常需要的,而在漫游中风险无处不在,因此对移动用户的安全认证是迫切且具有挑战性的。近年来,各种基于身份验证的密钥交换协议越来越受到专家学者们的重视,在管理密码文件中出于防篡改和便捷性的需要,一些基于安全认证的智能卡方案被相继提出。文章提出了注册在不同代理上的两个用户基于智能卡的身份验证方案,该方案需要在两个用户和两个代理之间进行5次信息交换。文章对方案进行了安全性分析,证明该方案可以抵制多种攻击,如重放攻击、已知密钥攻击、内部攻击、离线口令猜测攻击、模仿攻击、恶意代理攻击等。文章实现了处于漫游的用户与注册在外部代理的用户的对话,实用性更强、轮数较少,表明该方案简单、安全、高效。

Seamless roaming for users of wireless network is necessary, and risk in roaming is everywhere, so the safety authentication of the mobile user is urgent and challenging. In recent years, a variety of key exchange protocols based on authentication get more and more attentions of the experts and scholars. In the need of tamper-proof and convenience when managing the password files, some smart card schemes based on security authentication have been put forward. This paper proposes an authentication scheme based on smart card between two users registering on different agents, the scheme needs five information exchanges between two agents and two users. This paper discusses the safety of the scheme, which shows that the scheme can resist various attacks, such as replay attack, known-key attack, inside attack, offline password guessing attack, imitation attack and malicious attack agent etc. This paper implements the dialogue between the user in roaming and the user registering on an external agent. The practicability is stronger and the number of round is less, which proves that the scheme is simple, safe and efficient.