作者投稿和查稿 主编审稿 专家审稿 编委审稿 远程编辑

计算机工程

• 安全技术 • 上一篇    下一篇

基于链路层位置隐私的改进匿名认证方案

慎耀辉,王晓明   

  1. (暨南大学计算机科学系,广州 510632)
  • 收稿日期:2013-11-26 出版日期:2014-07-15 发布日期:2014-07-14
  • 作者简介:慎耀辉(1989-),男,硕士研究生,主研方向:密码学,无线通信安全;王晓明,教授。
  • 基金资助:
    国家自然科学基金资助项目(61070164, 61272415);广东省自然科学基金资助项目(S012010008767);广东省科技计划基金资助项目(2012B091000136);广州市科技计划基金资助项目(12C542071906)。

Improved Anonymous Authentication Scheme Based on Link-layer Location Privacy

SHEN Yao-hui, WANG Xiao-ming   

  1. (Department of Computer Science, Jinan University, Guangzhou 510632, China)
  • Received:2013-11-26 Online:2014-07-15 Published:2014-07-14

摘要: 通过分析基于链路层的保护前向安全的位置隐私相互匿名认证方案,指出该方案在认证阶段并未完全实现用户匿名认证,同时还存在假冒攻击和拒绝服务攻击等安全问题,进而提出一个改进的匿名认证方案。该方案建立在椭圆曲线离散对数问题和单向哈希函数上,利用拉格朗日插值法为每个用户生成不同的认证参数,并采用随机掩蔽技术实现用户的匿名隐私认证。安全性和性能分析结果表明,改进方案可抵抗假冒攻击和拒绝服务攻击,实现用户完全匿名认证,达到保护移动用户隐私的目的,并且未增加移动用户的计算量和系统的通信量。

关键词: 隐私匿名认证, 位置隐私, 拒绝服务攻击, 假冒攻击, 单点登录, 动态ID

Abstract: Through the analysis of wireless network environment based on the protection of link layer forward secure location privacy mutually anonymous authentication scheme, this paper points out that this scheme in the authentication phase does not fully realize user anonymous authentication, but also exists the impersonation attack, Denial of Service(DoS) attack and other security issues. Therefore, this paper proposes an improved anonymous authentication scheme. The improved scheme builds on the elliptic curve discrete logarithm problem and secures one-way hash function, uses the Lagrange interpolation method to generate the authentication parameters for different users, and uses the random masking technique to achieve the user anonymous authentication. Security and performance analysis results show that the improved scheme can overcome the counterfeit attack and DoS attack, achieve completely user anonymous authentication, and protect the privacy of mobile users, and it does not increase the amount of computation for mobile users and system communication.

Key words: privacy anonymous authentication, location privacy, Denial of Service(DoS) attack, impersonation attack, Single Sign- on(SSO), dynamic ID

中图分类号: