基于模糊提取技术的多服务器身份验证协议

Multi Server Authentication Protocol Based on Fuzzy Extraction Technology

下载PDF

导出

摘要针对屈娟等人采用模糊提取技术、切比雪夫混沌映射算法给出一个身份认证协议进行全面的安全性分析,指出该身份认证协议存在安全隐患或有待商榷的地方等问题,并在此协议基础之上提出一个改进的基于模糊提取技术的多服务器环境下的身份验证协议。文中协议针对安全等级要求不同的隐私信息采用不同的算法进行加密,安全等级要求较高的数据采用模糊提取技术进行加密,其他数据采用逆向遍历组合运算进行加密;模糊提取技术算法属于轻量级的加密算法,逆向遍历组合运算属于超轻量级的加密算法,两种算法组合使用,在确保安全的前提下,亦可减少通信实体的整体计算量。逆向遍历组合运算是一种文中自主设计的超轻量级运算,算法可基于按位运算,同时混入每个加密参量自身固有的属性汉明权重,在减少参数引入的同时,亦可增加攻击者的破解难度。从安全、性能角度综合分析各协议,文中协议可在确保安全的前提下,尽可能降低整体计算量,适用于低成本智能卡中。 Aiming at the problem that Qu Juan et al. points out that the identity authentication protocol has security risks or problems to be discussed using fuzzy extraction technology and Chebyshev chaotic mapping algorithm to give a comprehensive security analysis of an identity authentication protocol, we propose an improved identity authentication protocol based on fuzzy extraction technology in multi-server environment. In this paper, different algorithms are used to encrypt the privacy information with different security level requirements, the data with higher security level requirements are encrypted by fuzzy extraction technology, and the other data are encrypted by reverse traversal combination operation. Fuzzy extraction algorithm belongs to lightweight encryption algorithm, and reverse traversal combination algorithm belongs to ultra-lightweight encryption algorithm. The combination of the two algorithms can reduce the overall calculation of communication entities on the premise of ensuring security. Reverse traversal combination operation is a kind of ultra-lightweight operation designed by ourselves in this paper. The algorithm can be based on bitwise operation. At the same time, it can mix in the Hamming weight of each encryption parameter’s own inherent attribute, which can reduce the introduction of parameters and increase the attacker’s cracking difficulty. From the perspective of security and performance, the protocol can reduce the total amount of computation as much as possible on the premise of ensuring security, which is suitable for low-cost smart card.

作者郝伟伟吕磊 HAO Wei-wei;LYU Lei(Information Center,Administration for Market Regulation of Henan Province,Zhengzhou 450008,China;School of Information Science and Technology,Henan University of Technology,Zhengzhou 450008,China)

机构地区河南省市场监督管理局信息中心河南工业大学信息科学与工程学院

出处《计算机技术与发展》 2022年第5期75-79,共5页 Computer Technology and Development

基金国家自然科学基金(61705060)。

关键词多服务器模糊提取身份验证逆向遍历组合运算智能卡 multi server fuzzy extraction identity authentication reverse traversal combinatorial operation smart card

分类号 TP393.08 [自动化与计算机技术—计算机应用技术]

引文网络
相关文献

参考文献6

1刘道微,凌捷,杨昕.一种改进的满足后向隐私的RFID认证协议[J].计算机科学,2016,43(8):128-130. 被引量：59
2王瑞兵,陈建华,张媛媛.一个匿名的基于生物特征的多服务器的密钥认证协议方案的研究[J].计算机应用研究,2016,33(7):2190-2196. 被引量：8
3万涛,刘遵雄,马建峰.多服务器架构下认证与密钥协商协议[J].计算机研究与发展,2016,53(11):2446-2453. 被引量：7
4汪定,李文婷,王平.对三个多服务器环境下匿名认证协议的分析[J].软件学报,2018,29(7):1937-1952. 被引量：23
5杜浩瑞,陈建华,戚明平,彭聪,范青.一个前向安全的基于RSA的多服务器的认证协议[J].计算机科学,2019,46(S11):409-413. 被引量：5
6屈娟,冯玉明,李艳平,李丽.可证明的基于扩展混沌映射的匿名多服务器身份认证协议[J].山东大学学报（理学版）,2019,54(5):44-51. 被引量：2

二级参考文献40

1周永彬,冯登国.RFID安全协议的设计与分析[J].计算机学报,2006,29(4):581-589. 被引量：211
2Fan C L,Chan Y C,Zhang Zhikai.Robust remote authentication scheme with smart cards[J].Computer & Security,2005,24(8):619-628.
3Li Chunta,Hwang M S.An efficient biometrics-based remote user authentication scheme using smart cards[J].Journal of Network and Computer Applications,2010,33(1):1-5.
4Xiong Li,Niu Jianwei,Wang Weideng,et al.Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart card[J].Journal of Network and Computer Applications,2011,34(l):73-79.
5Truong T,Tran M,Duong A.Robust biometrics based remote user authentication scheme using smart cards[C]//Proc of the 15th IEEE International Conference on Network-Based Information Systems.2012:384-391.
6Chang C,Lee J.An efficient and secure multi-server password authentication scheme using smart card[C]//Proc of International Conference on Innovative Computing Information and Control.2012:725-728.
7Tsaur W J,Li Jiahong,Lee W B.An efficient and secure multi-server authentication scheme with key agreement[J].Journal of System and Software,2012,85(4):876-882.
8Yoon E,Yoo K.Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem[J].The Journal of Supper Computing,2013,63(1):235-255.
9Wang Bin,Ma Maode.A smart card based efficient and secured multi-server authentication scheme[J].Wireless Personal Communication,2013,68(2):361-378.
10He Debiao,Wu Shuhua.Security flaws in a smart card based authentication scheme for multi-server environment[J].Wireless Personal Communication,2013,70(1):323-329.

共引文献89

1占善华,黄少荣.一种基于字合成运算的射频识别双向认证协议[J].电信科学,2018,34(12):65-70. 被引量：1
2张朝晖,简碧园,刘道微.一种轻量级的无线射频识别双向认证方案研究[J].无线互联科技,2017,14(3):30-31.
3张朝晖,简碧园,刘道微.基于混沌加密的标签所有权转移协议[J].金卡工程,2017,19(3):51-52.
4简碧园.一种RFID系统群组标签密钥无线生成算法[J].电脑与电信,2017(5):35-37.
5简碧园,汪海涛,刘道微.一种RFID双向认证协议[J].计算机与现代化,2017(7):107-110.
6蓝耿,刘道微.基于字合成运算的群组RFID标签所有权转移协议[J].计算机工程,2017,34(8):151-155. 被引量：8
7刘鑫玥,潘巍,王新艳,王月莲.一种更安全的基于智能卡的多服务器身份认证方案研究[J].计算机应用研究,2017,34(11):3446-3450. 被引量：8
8斯进,简碧园,刘道微.RFID系统密钥无线生成算法[J].计算机工程与设计,2017,38(10):2686-2690. 被引量：7
9徐扬,苑津莎,高会生,胡晓宇,赵振兵.基于伪ID的RFID认证协议及串空间证明[J].计算机科学,2017,44(10):142-146. 被引量：8
10石源,张焕国,吴福生.一种可信虚拟机迁移模型构建方法[J].计算机研究与发展,2017,54(10):2284-2295. 被引量：6

1刘欢欢,许豪杰.边缘计算环境下基于区块链的双因子跨域认证[J].计算机科学与应用,2021,11(7):1845-1852.
2赖韬,王松,房利国,韩炼冰.一种指纹生物特征的隐私保护和认证方法[J].通信技术,2021,54(9):2202-2207.
3刘成,沈云波,张亚东,朱昭媛.面向使用性能的人字齿轮对称度误差评定方法研究[J].现代制造工程,2022(4):1-8.
4李平,孙新飞,白银,范成文,闵凡路.隧道渗漏封堵材料性能及封堵效果分析[J].中国公路学报,2022,35(1):38-48. 被引量：3

计算机技术与发展

2022年第5期

浏览历史

内容加载中请稍等...

基于模糊提取技术的多服务器身份验证协议

参考文献6

二级参考文献40

共引文献89

相关作者

相关机构

相关主题

浏览历史