作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于智能卡的多服务器匿名认证方案

王耄,王晓明   

  1. (暨南大学计算机科学系,广州 510632)
  • 收稿日期:2015-07-30 出版日期:2016-05-15 发布日期:2016-05-13
  • 作者简介:王耄(1990-),男,硕士研究生,主研方向为信息安全;王晓明,教授、博士、博士生导师。
  • 基金资助:
    国家自然科学基金资助项目(61070164,61272415);广东省自然科学基金资助项目(S012010008767);广东省科技计划基金资助项目(2013B010401015,2012B091000136)。

Multi-server Anonymous Authentication Scheme Based on Smart Card

WANG Mao,WANG Xiaoming   

  1. (Department of Computer Science,Jinan University,Guangzhou 510632,China)
  • Received:2015-07-30 Online:2016-05-15 Published:2016-05-13

摘要: 分析健壮的多服务器架构下智能卡认证方案,针对该方案不能完全实现用户匿名,存在拒绝服务攻击和智能卡攻击等问题,提出一种改进方案。利用随机掩蔽技术,使每个用户智能卡存储的密钥不同,且每次登录认证的用户名随机变化,并通过BAN逻辑分析证明改进方案的有效性。分析结果表明,该方案能够抵抗智能卡攻击和拒绝服务攻击,实现用户完全匿名认证,减少服务器端的计算量。

关键词: 多服务器, 智能卡, 匿名认证, 动态ID, 隐私保护

Abstract: Through the analysis of robust smart card authentication scheme for multi-server architecture,it is found that this scheme does not fully realize user anonymous authentication,and exists Denial of Service(DoS) attack,smart card breach attack and other security issues.To solve these problems,this paper proposes an improved scheme.By using the random masking technology,the smart card storage key of each user is different and the user name changes randomly when users login every time,and the BAN logic analysis is performed to demonstrate the effectiveness of the improved scheme.Analysis results show that it can resist smart card breach attack and DoS attack,achieves full anonymous authentication for users,and reduces the server-side computation.

Key words: multi-server, smart card, anonymous authentication, dynamic ID, privacy protection

中图分类号: