智能卡和口令结合的动态认证方案

Dynamic Authentication Scheme Based on Smart Card and Password

远程认证协议能有效的保证远程用户和服务器在公共网络上的通信安全;提出一种匿名的安全身份认证方案,通过登录ID的动态变化,提供用户登录的匿名性,通过用户和服务器相互验证建立共享的会话密钥,抵抗重放攻击和中间人攻击,实现用户安全和隐私,通过BAN逻辑分析证明改进方案的有效性,通过安全性证明和性能分析说明了新协议比同类型的方案具有更高的安全性、高效性。

Remote authentication protocol can effectively guarantee the communication security of remote users and servers in the public network. We provide a kind of anonymous and secure authentication scheme of identity authentication, by the dynamic change of the login ID we can ensure the anonymity of the user login, utilizing the user and server mutual authentication to establish a shared session key that can resistance to man in the middle attack and replay attack. According to the above measures, we realize the security and privacy of users, and the BAN logic analysis is performed to demonstrate the effectiveness of the improved scheme. The security and performance analysis of the proposed scheme shows that the new protocol is more secure and efficient than the same type of scheme.