摘要
针对多服务器环境下的远程身份验证存在的安全性问题,提出基于椭圆曲线加密(ECC)的多因子远程用户身份验证协议。该协议所用的因子有密码、智能卡和生物统计信息。在登陆阶段,使用生物统计信息和密钥,将智能卡生成的时间戳信息作为一个依据发送到注册中心,保障基础数据的新鲜性;在身份验证阶段,检查时间戳信息和密钥等信息,由于攻击者无法检索这些基础信息,保障双向验证的顺利完成。BAN逻辑证明了所提协议能够提供安全准确的双向身份验证和会话密钥协商。安全性分析表明,与其它协议相比,所提协议可以抵御各种安全性威胁,总体计算成本较低。
Aiming at the security problem of remote authentication in the environment of multiple server,a multiple-factor remote user authentication protocol based on elliptic curve cryptography(ECC)was proposed.The factors used in this protocol were ciphers,smart cards,and biometric information.On the landing stage,by using the biometric information and the key,the time stamp information generated by the smart card were sent to the registration center as a basis,making the basic data fresh.In the authentication stage,the time stamp information and the key information were checked,and the two-way authentication was completed successfully,because the attacker could not retrieve these basic information.The BAN logic proves that the proposed protocol can provide secure and accurate two-way authentication and session key negotiation.Security analysis shows that compared with other protocols,the proposed protocol can resist many kinds of security threats,and the overall cost of computing is low.
作者
王超
刘黎明
WANG Chao;LIU Li-ming(School of Software,Nanyang Institute of Technology,Nanyang 473004,China)
出处
《计算机工程与设计》
北大核心
2018年第11期3368-3373,共6页
Computer Engineering and Design
基金
2017河南省科技攻关计划基金项目(172102210119)
关键词
多服务器环境
椭圆曲线加密
远程身份验证
时间戳
BAN逻辑
environment of multiple server
elliptic curve cryptography
remote authentication
time stamp
BAN logic
