期刊文献+

增强的基于生物密钥智能卡远程身份认证方案 被引量:3

An Enhanced Biometrics-Key-Based Remote User Authentication Scheme with Smart Card
下载PDF
导出
摘要 基于生物特征的智能卡身份认证提供智能卡硬件、口令验证、生物特征识别三重保护,给身份认证技术带来新的突破点.回顾了具有较高安全性能的Khan-Kumari方案工作原理,指出该方案存在身份密值封装不当、密值使用方式不合理、新鲜性检测功能缺失、认证双方交互不够充分等缺陷,可导致身份认证安全性受损.提出一个增强的基于生物密钥智能卡远程身份认证方案,用可相互验证的双要素对用户身份密值实施联合保护,基于新鲜性检测、识别重放消息,以融入时标的动态散列值密钥加密传输受保护参数,增加确认消息完善认证流程,增强了用户身份密值的保护强度,提高了对智能卡破解、消息重放、身份冒充、拒绝服务等攻击的抗击能力.安全性分析表明,增强方案以较低的计算与通信开销,有效修复了Khan-Kumari方案中的缺陷,安全性能获得显著增强,即使在两重保护失效条件下,发生身份冒充、认证失败的概率可控制在至10-38以下. Biometrics-based remote user authentication scheme with smart card enforces triple protection including smartcard hardware,user password authentication and biometrics recognition,which brings new breakthrough to authentication.Khan-Kumari scheme,which is characterized with high security performance,is reviewed.Four defects that may do harm to authentication are found in this scheme:flawed encapsulation of user identity secrets,improper access way of them,lack of message freshness check,and insufficient interaction between authentication parties.An enhanced biometrics-key-based remote user authentication scheme with smart card is put forward in this paper.Our scheme enforces four enhancing procedures:mutal verifiable dual factors are used to protect user identity secrets,and playback messages are recognized based on message freshness check,and protected parameters are transmitted after encrypted with dynamic Hash key integrating time flag,and authentication process is made be completed gracefully with acknowledgement message.With these measures,user identity protection is enhanced remarkably.Hence,resistance against smart card cracking,message replay,identity impersonation and service refusal is aggrandized.Security analysis shows that the enhanced scheme effectually fixes vulnerabilities found in Khan-Kumari scheme with small computation and communication cost,achieving remarkably enhanced security performance in defending against varying attacking means.Under the circumstances that even dual protection measures are compromised,the probability of impersonation and authentication failure caused by attacks can be made be less than 10-38.
出处 《计算机研究与发展》 EI CSCD 北大核心 2015年第11期2645-2655,共11页 Journal of Computer Research and Development
基金 国家自然科学基金项目(61300198 61402106) 广东省科技计划基金项目(2007A060304003) 东莞市高等院校科研机构科技计划项目(2012108102035 2012108102007)
关键词 双向身份认证 智能卡 生物密钥 网络安全 多因素认证 mutual authentication smart card biometrics-key network security multi-factor authentication
  • 相关文献

参考文献20

  • 1Lamport L. Password authentication with insecure communicationEJ. Communications of the ACM, 1981, 24 (11) 770-772.
  • 2Chang C C, Wu T C. Remote password authentication with smart cards [J]. IEE Proceedings E: Computers and Digital Techniques, 1991, 138(3): 165-168.
  • 3Hailer N M. The S/KeyTM one-time password system[C] // Proc of the ISOC Symp on Network and Distributed System Security. San Diego, CA: Internet Society, 1994:151-I57.
  • 4Wang Shiuh-Jeng, Chang Jin-Fu. Smart card based secure password authentication scheme EJ. Computers Security, I996, 15(3): 231-237.
  • 5Hwang M S, Li L H. A new remote user authentication scheme using smart cards [J]. IEEE Trans on Consumer Electronics, 2000, 46(1): 28-30.
  • 6Chan C K, Cheng L M. Cryptanalysis of a remote user authentication scheme using smart cards [J]. IEEE Trans on Consumer Electronics, 2000, 46(4): 992-993.
  • 7汪定,马春光,翁臣,贾春福.一种适于受限资源环境的远程用户认证方案的分析与改进[J].电子与信息学报,2012,34(10):2520-2526. 被引量:14
  • 8Lee J K, Ryu S R, Yoo K Y. Fingerprint-based remote user authentication scheme using smart cards [J]. Electronics Letters, 2002, 38(12): 554-555.
  • 9Lin C H, Lai Y Y. A flexible biometrics remote user authentication scheme EJ. Computer Standards & Interfaces, 2004, 27(1): 19-23.
  • 10Khan M K, Zhang J. Improving the security of "a flexible biometrics remote user authentication scheme"EJ. Computer Standards Interfaces, 2007, 29(1): 82-85.

二级参考文献43

  • 1冯登国,陈伟东.基于口令的安全协议的模块化设计与分析[J].中国科学(E辑),2007,37(2):223-237. 被引量:14
  • 2Ari Juels, David Molnar, David Wagner. Security and privacy issues in e-passports [C]//Proc of the 1st Int Conf on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05). Piscataway, NJ: IEEE, 2005 : 74-88
  • 3Lee J K, Ryu S R, Yoo K Y. Fingerprint-based remote user authentication scheme using smart cards [J]. Electronics Letters, 2002, 38(12): 554-555
  • 4Lin Chu-Hsing, Lai Yi-Yi. A flexible biometrics remote user authentication scheme [J]. Computer Standards & Interfaces, 2004, 27(1): 19-23
  • 5Muhammad Khurram Khan, Zhang Jiashu. Improving the security of a flexible biometrics remote user authentication scheme [J]. Computer Standards & Interfaces, 2007, 29 (1): 82-85
  • 6Charles Clancy T, Negar Kiyavash, Dennis J Lin. Secure smartcard based fingerprint authentication [C]//Proc of the 2003 ACM SIGMM Workshop on Biometrics Methods and Application(WBMA 2003). New York: ACM, 2003: 45-52
  • 7Monrose F, Reiter M K, Li Q, et al. Cryptographic key generation from voice [C] //Proc of the 2001 IEEE Syrup on Security and Privacy. Los Alancitos, CA: IEEE Computer Society, 2001:202-213
  • 8Goh A, David Ngo Chek Ling. Computation of eryptographie keys from face biometrics [G] //LNCS 2828: Proc of Int Federation for Information Processing 2003. Berlin: Springer, 2003:1-13
  • 9Juels A, Wattenberg M. A fuzzy commitment scheme [C]//Proc of the 6th ACM Conf on Computer and Communications Security (CCS 1999). New York: ACM, 1999:28-36
  • 10Dodis Y, Reyzin L, Adam Smith. Fuzzy extractors: How to generate strong keys from biometrics and other noisy data [G]//LNCS 3027: Proc of Eurocrypt 2004. Berlin: Springer, 2004:523-540

共引文献21

同被引文献26

引证文献3

二级引证文献18

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部