期刊文献+

基于模糊提取技术的多服务器身份验证协议 被引量:1

Multi Server Authentication Protocol Based on Fuzzy Extraction Technology
下载PDF
导出
摘要 针对屈娟等人采用模糊提取技术、切比雪夫混沌映射算法给出一个身份认证协议进行全面的安全性分析,指出该身份认证协议存在安全隐患或有待商榷的地方等问题,并在此协议基础之上提出一个改进的基于模糊提取技术的多服务器环境下的身份验证协议。文中协议针对安全等级要求不同的隐私信息采用不同的算法进行加密,安全等级要求较高的数据采用模糊提取技术进行加密,其他数据采用逆向遍历组合运算进行加密;模糊提取技术算法属于轻量级的加密算法,逆向遍历组合运算属于超轻量级的加密算法,两种算法组合使用,在确保安全的前提下,亦可减少通信实体的整体计算量。逆向遍历组合运算是一种文中自主设计的超轻量级运算,算法可基于按位运算,同时混入每个加密参量自身固有的属性汉明权重,在减少参数引入的同时,亦可增加攻击者的破解难度。从安全、性能角度综合分析各协议,文中协议可在确保安全的前提下,尽可能降低整体计算量,适用于低成本智能卡中。 Aiming at the problem that Qu Juan et al. points out that the identity authentication protocol has security risks or problems to be discussed using fuzzy extraction technology and Chebyshev chaotic mapping algorithm to give a comprehensive security analysis of an identity authentication protocol, we propose an improved identity authentication protocol based on fuzzy extraction technology in multi-server environment. In this paper, different algorithms are used to encrypt the privacy information with different security level requirements, the data with higher security level requirements are encrypted by fuzzy extraction technology, and the other data are encrypted by reverse traversal combination operation. Fuzzy extraction algorithm belongs to lightweight encryption algorithm, and reverse traversal combination algorithm belongs to ultra-lightweight encryption algorithm. The combination of the two algorithms can reduce the overall calculation of communication entities on the premise of ensuring security. Reverse traversal combination operation is a kind of ultra-lightweight operation designed by ourselves in this paper. The algorithm can be based on bitwise operation. At the same time, it can mix in the Hamming weight of each encryption parameter’s own inherent attribute, which can reduce the introduction of parameters and increase the attacker’s cracking difficulty. From the perspective of security and performance, the protocol can reduce the total amount of computation as much as possible on the premise of ensuring security, which is suitable for low-cost smart card.
作者 郝伟伟 吕磊 HAO Wei-wei;LYU Lei(Information Center,Administration for Market Regulation of Henan Province,Zhengzhou 450008,China;School of Information Science and Technology,Henan University of Technology,Zhengzhou 450008,China)
出处 《计算机技术与发展》 2022年第5期75-79,共5页 Computer Technology and Development
基金 国家自然科学基金(61705060)。
关键词 多服务器 模糊提取 身份验证 逆向遍历组合运算 智能卡 multi server fuzzy extraction identity authentication reverse traversal combinatorial operation smart card
  • 相关文献

参考文献6

二级参考文献40

  • 1周永彬,冯登国.RFID安全协议的设计与分析[J].计算机学报,2006,29(4):581-589. 被引量:211
  • 2Fan C L,Chan Y C,Zhang Zhikai.Robust remote authentication scheme with smart cards[J].Computer & Security,2005,24(8):619-628.
  • 3Li Chunta,Hwang M S.An efficient biometrics-based remote user authentication scheme using smart cards[J].Journal of Network and Computer Applications,2010,33(1):1-5.
  • 4Xiong Li,Niu Jianwei,Wang Weideng,et al.Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart card[J].Journal of Network and Computer Applications,2011,34(l):73-79.
  • 5Truong T,Tran M,Duong A.Robust biometrics based remote user authentication scheme using smart cards[C]//Proc of the 15th IEEE International Conference on Network-Based Information Systems.2012:384-391.
  • 6Chang C,Lee J.An efficient and secure multi-server password authentication scheme using smart card[C]//Proc of International Conference on Innovative Computing Information and Control.2012:725-728.
  • 7Tsaur W J,Li Jiahong,Lee W B.An efficient and secure multi-server authentication scheme with key agreement[J].Journal of System and Software,2012,85(4):876-882.
  • 8Yoon E,Yoo K.Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem[J].The Journal of Supper Computing,2013,63(1):235-255.
  • 9Wang Bin,Ma Maode.A smart card based efficient and secured multi-server authentication scheme[J].Wireless Personal Communication,2013,68(2):361-378.
  • 10He Debiao,Wu Shuhua.Security flaws in a smart card based authentication scheme for multi-server environment[J].Wireless Personal Communication,2013,70(1):323-329.

共引文献89

同被引文献10

引证文献1

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部