摘要
在开放的网络环境中,身份认证是确保信息安全的一种重要手段。针对Li等(LI X,WU F,KHAN M K,et al. A secure chaotic map-based remote authentication scheme for telecare medicine information systems. Future Generation Computer Systems,2017,84:149-159.)提出的身份认证协议,指出其容易遭受用户冒充攻击、拒绝服务攻击等缺陷,并提出一个新的多因子认证协议来修复以上安全漏洞。该协议使用了扩展混沌映射,采用动态身份保护用户匿名性,并利用三次握手技术实现异步认证。安全性分析结果表明,所提协议可以抵抗冒充攻击、拒绝服务攻击,能够保护用户匿名性和身份唯一性。
In the open network environment,identity authentication is an important means to ensure information security.Aiming at the authentication protocol proposed by Li,et al(LI X,WU F,KHAN M K,et al.A secure chaotic map-based remote authentication scheme for telecare medicine information systems.Future Generation Computer Systems,2017,84:149-159.),some security defects were pointed out,such as user impersonation attacks and denial service attacks.In order to overcome those vulnerabilities,a new protocol scheme with multi-factor was proposed.In this protocol,extended chaotic mapping was adopted,dynamic identity was used to protect user anonymity,and three-way handshake was used to achieve asynchronous authentication.Security analysis result shows that the new protocol can resist impersonation attacks and denial service attacks and protect user anonymity and unique identity.
作者
王松伟
陈建华
WANG Songwei;CHEN Jianhua(School of Mathematics and Statistics,Wuhan University,Wuhan Hubei 430072,China)
出处
《计算机应用》
CSCD
北大核心
2018年第10期2940-2944,2954,共6页
journal of Computer Applications
关键词
混沌映射
三因子
认证
密钥协商
用户匿名性
冒充攻击
chaotic mapping
three-factor
authentication
key agreement
user anonymity
impersonation attack
