多服务器环境下的身份认证方案

doi:10.3969/j.issn.1000-3428.2015.03.023

计算机工程

多服务器环境下的身份认证方案

刘　莎^1a,朱淑华^1b,2

(1. 暨南大学a. 信息科学技术学院;b. 网络与教育技术中心,广州510632;2. 中山大学信息科学与技术学院,广州510006)

收稿日期:2014-03-25 出版日期:2015-03-15 发布日期:2015-03-13
作者简介:刘　莎(1989 - ),女,硕士研究生,主研方向:信息安全,密码学;朱淑华,高级工程师、博士研究生、CCF 高级会员。
基金资助:
国家自然科学基金资助项目(61272415);广东省产学研及科技计划基金资助项目(2012A080102007,2011B090400324, 2011B090400469,2012B040305008);广东省工程中心基金资助项目(GCZX-A1103);广州市科技计划基金资助项目(2013Y2-00071)。

Identity Authentication Scheme in Multi-server Environment

LIU Sha ^1a ,ZHU Shuhua ^1b,2

(1a. School of Information Science and Technology; 1b. Network & Educational Technology Center,Jinan University,Guangzhou 510632,China; 2. School of Information Science and Technology,Sun Yat-Sen University,Guangzhou 510006,China)

Received:2014-03-25 Online:2015-03-15 Published:2015-03-13

摘要/Abstract

摘要： 基于智能卡的多服务器远程认证方案,存在不能抵抗伪造攻击、重放攻击和中间人攻击等问题。针对上述安全性缺陷,提出一种改进的身份鉴别方案。该方案利用自验证的时间戳技术,解决基于时间戳技术的认证方案中存在的时钟同步问题,同时将时间戳作为随机数,有效地避免遭受重放攻击。安全性分析结果表明,与基于智能卡的多服务器远程认证方案相比,该方案继承了其轻量级认证的特征,计算量低,存储量小,实现了服务器对用户的可追踪性,满足实际网络的复杂性要求。

关键词: 认证, 智能卡, 时间戳技术, 口令, 多服务器环境

Abstract: Smart card based authentication scheme for multi-server environments can not resist some known types of attacks,such as forgery attacks,reply attacks and the man-in-the-middle attacks. In order to resolve the aforementioned security problems,this paper proposes a novel multi-server scheme. In new scheme,a self-verified timestamp technique is used to solve the problem of implementing clock synchronization in most typical timestamp-based scheme. In addition, timestamp can be used as random and it is efficient to avoid the reply attacks. Security analysis shows that,compared with smart card based multi-server remote authentication scheme,this scheme not only inherits the merits,such as lightweight computation and low memory size,but also can provide some features,such as the users’ traceability,and it extremely suits for the requirements of the complicated network environment.

Key words: authentication, smart card, timestamp technique, password, multi-server environment

中图分类号:

TP309. 8

刘莎,朱淑华. 多服务器环境下的身份认证方案[J]. 计算机工程, doi: 10.3969/j.issn.1000-3428.2015.03.023.

LIU Sha,ZHU Shuhua. Identity Authentication Scheme in Multi-server Environment[J]. Computer Engineering, doi: 10.3969/j.issn.1000-3428.2015.03.023.

http://www.ecice06.com/CN/Y2015/V41/I3/120

参考文献

参考文献 [ 1 ]　Lamport L. Password Authentication with Insecure Communication [ J ]. Communications of the ACM, 1981,24(11):770-772. [ 2 ]　Hwang M S, Li L H. A New Remote User Authentication Scheme Using Smart Cards [ J ]. IEEE Transactions on Consumer Electronics,2000,46 (1): 28-30. [ 3 ]　Das M L,Saxena A, Gulati V P. A Dynamic ID-based Remote User Authentication Scheme[J]. IEEE Transactions on Consumer Electronics,2004,50(2):629-631. [ 4 ]　张利华. 基于随机数和Hash 函数的认证方案[J]. 微电子学与计算机,2007,24(6):80-83. [ 5 ]　张少武,李　毅,曾立君,等. 基于身份的远程用户认证方案[J]. 计算机工程,2008,34(12):149-151. [ 6 ]　Lee W B, Chang C C. User Identification and Key Distribution Maintaining Anonymity for Distributed Computer Network [ J ]. International Journal of Computer System Science & Engineering,2000,15(4):211-214. [ 7 ]　Li L H,Lin L C, Hwang M S. A Remote Password Authentication Scheme for Multi-server Architecture Using Neural network[J]. IEEE Transactions on Neural Network,2001,12(6):1498-1504. [ 8 ]　Juang W S. Efficient Multi-server Password Authenticated Key Agreement Using Smart Cards[J]. IEEE Transactions on Consumer Electronics,2004,46(1):251-255. [ 9 ]　Chang C C,Lee J S. An Efficient and Secure Multiserver Password Authentication Protocol Using Smart Cards[C] / / Proceedings of the 3rd International Conference on Cyberworlds. Washington D. C., USA: IEEE Press 2004:417-422. [10]　Tsai J L. Efficient Multi-server Authentication Scheme Based on One-way Hash Function Without Verification Table [ J ]. Computer & Security, 2008, 27 ( 3/ 4 ): 115-121. [11]　Liao Y P, Wang S S. A Secure Dynamic Identity ID Based Remote User Authentication Scheme for Multiserver Environment [ J ]. Computer Standards & Interfaces,2009,31(1):24-29. [12]　Hsiang H C, Shih W K. Improvement of the Secure Dynamic ID Based Remote User Authentication Scheme for Multi-server Environment[J]. Computer Standards & Interfaces,2009,31(6):1118-1123. [13]　Sood S K,Sarjie A K, Singh K. A Secure Dynamic Identity Based Authentication Protocol for Multi-server Architecture [ J ]. Journal of Network and Computer Applications,2011,34(2):609-618. [14]　Lee C C,Lin T H,Chang R X. A Secure Dynamic ID Based Remote User Authentication Scheme for Multiserver Environments Using Smart Cards [ J ]. Expert Systems with Applications,2011,38(11):13863-13870. [15]　Li X,Ma J,Wang W,et al. A Novel Smart Card and Dynamic ID Based Remote User Authentication Scheme for Multi-server Environments [ J ]. Mathematical and Computer Modeling,2013,58(1):85-95. [16]　Woei J T,Jia H L,Wei B L. An Efficient and Secure Multi-server Authentication Scheme with Key Agreement[J]. The Journal of Systems and Software, 2012,85(4):876-882. 编辑　索书志

[1]	李静雯, 赵奎. 基于改进PCFG算法的口令猜测方法[J]. 计算机工程, 2023, 49(5): 38-47.
[2]	杨俊明, 尹超, 杨铮. 基于激励驱动的轻量级隐私保护位置证明协议[J]. 计算机工程, 2023, 49(3): 151-160.
[3]	廉文娟, 赵朵朵, 范修斌. 基于CFL_BLP模型的CFL SSL安全通信协议[J]. 计算机工程, 2021, 47(6): 152-163.
[4]	吴甜甜, 杨亚芳, 赵运磊. 一种面向车联网通信的条件隐私保护认证协议[J]. 计算机工程, 2021, 47(6): 14-22.
[5]	刘期烈, 陈澄. 基于区块链的V2G匿名身份认证方案[J]. 计算机工程, 2021, 47(11): 22-28.
[6]	张彭明, 张晓梅, 胡建鹏. 基于动态信任值的智能手机隐式认证方案[J]. 计算机工程, 2021, 47(10): 132-139,146.
[7]	杨吉云, 姚锐冬, 周洁, 高凌云. 基于切比雪夫混沌映射的车联网高效认证方案[J]. 计算机工程, 2021, 47(10): 34-42,51.
[8]	林梦琪, 张晓梅. 基于行为足迹的多模态融合身份认证[J]. 计算机工程, 2021, 47(10): 116-124.
[9]	杨雪婷, 李重. 车联网中基于车辆行为预测的身份认证方案[J]. 计算机工程, 2021, 47(1): 129-138.
[10]	柳亚男, 张正, 邱硕, 程远. WSN中基于物理不可克隆函数的簇内密钥分配[J]. 计算机工程, 2020, 46(9): 163-171.
[11]	赵宗渠, 黄鹂娟, 范涛, 马少提. 格上基于KEM的认证密钥交换协议[J]. 计算机工程, 2020, 46(7): 122-128.
[12]	任德志, 陈炬光, 王勇, 段晓冉, 郝玉洁, 吴晓华. 基于MIR树的空间查询验证方法[J]. 计算机工程, 2020, 46(3): 114-119,128.
[13]	杨小东, 裴喜祯, 安发英, 李婷, 王彩芬. 基于身份聚合签名的车载自组网消息认证方案[J]. 计算机工程, 2020, 46(2): 170-174,182.
[14]	吴昆, 魏国珩. 基于ECC的无证书WSN广播信息认证方案[J]. 计算机工程, 2020, 46(12): 157-162,200.
[15]	韩佳良, 徐明. 高斯矢量多路输入信道下的消息认证方案[J]. 计算机工程, 2020, 46(12): 120-126.

选择文件类型/文献管理软件名称

选择包含的内容

多服务器环境下的身份认证方案

Identity Authentication Scheme in Multi-server Environment

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价

模态框（Modal）标题

选择文件类型/文献管理软件名称

选择包含的内容

多服务器环境下的身份认证方案

Identity Authentication Scheme in Multi-server Environment

PDF

可视化

被引次数

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics

本文评价