摘要： 基于椭圆曲线上的双线性映射设计的远程用户认证方案，因安全性好、计算复杂度较小近年来成为了研究的热点。Manik提出了一种基于双线性映射的远程用户认证方案，随后Chou等指出其方案针对假冒攻击是不安全的，并给出了一种改进方案，但Thulasi指出该改进方案仍是不安全的。该文对已有的攻击方法进行了简单分析，提出了一种新的改进方案，并对其安全性进行了分析，新的方案针对已有的攻击方法是安全的，从而解决了基于双线性映射的远程用户认证方案的安全问题。

关键词: 认证, 双线性对, 口令, 智能卡

Abstract: Research of the remote user authentication scheme based on elliptic curve increases recently. Manik proposes a novel remote user authentication scheme using bilinear pairings. Chou points out that it is insecure to personate attack, and makes an improvement. But Thulasi indicates that their improved scheme still suffers from the forgery attack. This paper analyses the current attack, proposes a new improved scheme. The new scheme is secure to the existing attack. This paper resolves the security problem of the remote user authentication scheme based on bilinear pairs.

Key words: Authentication, Bilinear pairings, Password, Smart card