摘要
针对远程医疗信息系统(TMIS)的实时应用场景,提出了一种安全高效的基于扩展混沌映射的切比雪夫多服务器认证协议。该方案使用随机数和注册中心的私钥为用户/应用服务器的身份加密,有效地支持用户和应用服务器的撤销和重新注册。同时,还利用模糊验证因子技术避免离线密码猜测攻击,利用honeywords技术有效避免在线密码猜测攻击。该方案在公共信道上传输的与用户身份相关的信息均使用随机数或随机数的计算结果进行加密,因此可以为用户提供强匿名性。通过BAN逻辑证明该协议可以实现用户和服务器的安全相互认证;同时,使用非正式安全证明该协议可以抵抗多种已知攻击。
Aiming at the real-time application scenario of TMIS,this paper proposed a safe and efficient MSAKA protocol based on the extended Chebyshev chaotic map.The proposed scheme used random numbers and the private key of the registration center to encrypt the identity of the user/application server,which effectively supported the cancellation and re-registration of the user and the application server.At the same time,it used the fuzzy verification factor technology to avoid offline password guessing attacks,and used the honeywords technology to effectively avoid online password guessing attacks.The information related to the user’s identity transmitted in the proposed scheme on the public channel was encrypted with random numbers or the calculation results of random numbers,so it could provide users with strong anonymity.Through the BAN logic,it proved that the proposed protocol can realize the secure mutual authentication of the user and the server.At the same time,it used informal security to prove that the proposed protocol can resist all currently known attacks.
作者
翟孝影
王箭
Zhai Xiaoying;Wang Jian(School of Computer Science&Technology,Nanjing University of Aeronautics&Astronautics,Nanjing 210000,China)
出处
《计算机应用研究》
CSCD
北大核心
2022年第7期2137-2142,共6页
Application Research of Computers
基金
国家自然科学基金资助项目(2020YFB1005900)
广东省国家重点研发资助项目(2020B0101090002)
江苏省自然科学基金资助项目(BK20200、418)
国家重点科研资助项目(2020YFB1005900)。
关键词
远程医疗信息系统
切比雪夫混沌映射
认证
BAN逻辑证明
telemedicine information system(TMIS)
Chebyshev chaotic map
authentication
BAN logical proof
