期刊文献+

基于SM9算法的移动互联网身份认证方案研究 被引量:9

Research on Mobile Internet Authentication Scheme Based on SM9 Algorithm
下载PDF
导出
摘要 移动互联网单服务器环境下传统身份认证方案存在用户需要针对不同的服务器记忆相应的不同口令,以及传统认证方式中的口令泄漏等安全问题。为解决以上问题,文章提出一种移动互联网单服务器环境下基于SM9算法的身份认证方案。用户针对不同的应用系统,仅需记忆统一的标识和口令,即可在不同的应用系统中通过身份认证,从而获得应用服务和访问资源的权限。文章方案将SM9标识密码算法与口令隐藏相结合,采用一次一密的方式实现密文传输、双向认证,达到了更高的安全性和健壮性,并能减轻用户的记忆负担,给用户带来更好的应用体验。通过安全性分析,文章方案能抵抗重放攻击、仿冒攻击、智能设备丢失攻击等常见攻击。通过性能对比,文章方案比同类方案具有更强的鲁棒性、更高的安全性、更好的便捷性和更少的计算成本,在移动支付、非接触门禁等高安全性需求场景中有较大的应用价值。 The traditional authentication scheme in the single-server environment of the mobile internet has security problems,such as users needing to memorize different passwords corresponding to different servers,password leakage in traditional authentication methods,and so on.In order to solve the problems described above,this paper proposes a singleserver environment authentication scheme based on SM9 algorithm for mobile internet.For different application systems,users that only needed to memorize a unified identification and password could pass through authentication in different application systems and obtained application services and resources・The proposed scheme combined the SM9 algorithm and password hiding to realize ciphertext transmission and mutual authentication,achieved higher security and robustness with one-time key.At the same time,the proposed scheme could reduce the user's memory burden and offer a better application experience.Through security analysis,the proposed scheme can provide resistance to replay attacks,counterfeiting attacks,smartphone loss attacks and other common attacks.Through performance comparison,the proposed scheme has stronger robustness,higher security,better convenience and less computation cost than other similar schemes,and has high application value in high security scenario,such as mobile payment and contactless access control.
作者 张昱 孙光民 李煜 ZHANG Yu;SUN Guangmin;LI Yu(Department of information,Beijing University of Technology,Beijing 100124,China)
出处 《信息网络安全》 CSCD 北大核心 2021年第4期1-9,共9页 Netinfo Security
基金 国家自然科学基金[41706201]。
关键词 SM9算法 移动互联网 单服务器环境 身份认证 SM9 algorithm mobile internet single-server environment authentication
  • 相关文献

参考文献5

二级参考文献154

  • 1中国互联网络信息中心.第27次中国互联网络发展状况统计报告,2011,(27):18-20.
  • 2工业和信息化部电信研究院.移动互联网白皮书.2011.10-28..
  • 3Singh I, Francisco P, Pakulski K et al. CAPWAP Tunneling Protocol (CTP). June 2005.
  • 4Iino S, Govindan S, Sugiura M, Cheng H. Wireless LAN Control Protocol (WiCoP) (RFC 5414). July 2005.
  • 5Calhoun P, Montemurro M, Stanley D. Control and Provi- sioning of Wireless Access Points (CAPWAP) Protocol Speci- fication (RFC 5415). Mar. 2009.
  • 6Calhoun P, Montemurro M, Stanley D. Control and Provi- sioning of Wireless Access Points (CAPWAP) Protocol Bind- ing for IEEE 802.11 (RFC 5416). Mar. 2009.
  • 7Bernaschi M, Cacace F, Iannello Get al. OpenCAPWAP: An open source CAPWAP implementation for the manage- ment and configuration of WiFi hot-spots. Computer Net- works, 2009, 53(2).. 217-230.
  • 8Bernasehi M, Caeace F, Davoli Aet al. A CAPWAP-based solution for frequency planning in large scale networks of WiFi Hot-Spots. Computer Communications, 2011, 34(11) : 1283-1293.
  • 9Lee M J, Zheng J, Ko Yet al. Emerging standards for wireless mesh technology. IEEE Wireless Communications, 2006, 13(2): 56-63.
  • 10IEEE Draft Standard for Information Technology-Telecom- munications and information exchange between systems-Local and metropolitan area networks-Specific requirements-Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) specifications-Amendment 10: Mesh Networking. IEEE P802. lls/Dg. 0, February 2011, 2011: p. 1-361.

共引文献297

同被引文献66

引证文献9

二级引证文献11

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部