User Authentication Scheme Based on D-H Key Exchange Protocol

doi:10.3969/j.issn.1000-3428.2012.20.021

Computer Engineering ›› 2012, Vol. 38 ›› Issue (20): 81-84.

• Networks and Communications • Previous Articles Next Articles

User Authentication Scheme Based on D-H Key Exchange Protocol

ZHOU Xian-cun ^1,2, XIONG Yan ², LIU Ren-jin¹

(1. School of Information Engineering, West Anhui University, Lu’an 237012, China; 2. School of Computer Science and Technology, University of Science and Technology of China, Hefei 230027, China)

Received:2011-11-02 Revised:2012-02-19 Online:2012-10-20 Published:2012-10-17

基于D-H密钥交换协议的用户认证方案

周先存 ^1,2，熊焰 ²，刘仁金 ¹

(1. 皖西学院信息工程学院，安徽六安 237012；2. 中国科学技术大学计算机科学与技术学院，合肥 230027)

作者简介:周先存(1974－)，女，副教授，主研方向：信息安全；熊焰、刘仁金，教授、博士
基金资助:
国家自然科学基金资助项目(61170233)；安徽省自然科学基金资助项目(11040606M150)；安徽省高等学校省级自然科学研究基金资助项目(KJ2011B204)

Abstract

Abstract: Analysis indicates that Liaw et al’s remote user authentication scheme is vulnerable to replay attack, man-in-the-middle attack, and there are obvious security vulnerabilities in the password changing phase and registration phase. A remote user authentication scheme based on Diffie-Hellman(D-H) key exchange protocol is proposed. Theoretical analysis shows that the scheme can resist impersonation attack, replay attack, man-in-the-middle attack, and it can implement mutual authentication and session key generation securely.

Key words: user authentication, Diffie-Hellman(D-H) key exchange protocol, smart card, session key, hash function, man-in-the-middle attack

摘要： 分析指出Liaw等人的远程用户认证方案(Mathematical and Computer Modelling, 2006, No. 1/2)容易受到重放攻击和中间人攻击，并且密码修改阶段和注册阶段存在安全漏洞，在此基础上提出一个基于D-H密钥交换协议的远程用户认证方案。理论分析结果表明，该方案可以抵抗假冒攻击、重放攻击、中间人攻击，安全地实现相互认证及会话密钥生成。

关键词: 用户认证, D-H密钥交换协议, 智能卡, 会话密钥, 哈希函数, 中间人攻击

CLC Number:

TP309.2

ZHOU Xian-Cun, XIONG Yan, LIU Ren-Jin. User Authentication Scheme Based on D-H Key Exchange Protocol[J]. Computer Engineering, 2012, 38(20): 81-84.

周先存, 熊焰, 刘仁金. 基于D-H密钥交换协议的用户认证方案[J]. 计算机工程, 2012, 38(20): 81-84.

/ Recommend / Download Citations

URL:

https://www.ecice06.com/EN/Y2012/V38/I20/81

[1]	WEI Chengjing, LI Guodong. Encryption Algorithm of Video Images Combining Hyper-Chaotic System and Logistic Mapping [J]. Computer Engineering, 2022, 48(5): 263-271.
[2]	ZHOU Yimin, LIU Fangzheng, DU Zhenyu, ZHANG Kai. Analysis and Verification of IPSec VPN Security Vulnerability [J]. Computer Engineering, 2021, 47(6): 142-151.
[3]	GE Binghui, ZHAO Zongqu, HE Zheng, QIN Panke. Ring Signature Scheme of Programmable Hash Function on Lattices [J]. Computer Engineering, 2020, 46(10): 131-136.
[4]	SHI Zhicai, WANG Yihan, ZHANG Xiaomei, CHEN Jiwei, CHEN Shanshan. An RFID Grouping-proof Protocol with Privacy Protection and Forward Security [J]. Computer Engineering, 2020, 46(1): 108-113.
[5]	YE Qing, WANG Mingming, TANG Yongli, QIN Panke, WANG Yongjun. HIBE Scheme Based on Programmable Hash Function on Lattices [J]. Computer Engineering, 2020, 46(1): 129-135,143.
[6]	LI Mengdong,SHAO Yufang,SUN Yuqing,LI Jie. Efficiency Analysis of SWIFFT Algorithm [J]. Computer Engineering, 2019, 45(1): 109-114.
[7]	ZHAI Jinfeng,SUN Libo,LU Kai,LIN Xueyong,QIN Wenhu. Research on Flow Sampling Algorithm Based on Counting Bloom Filter [J]. Computer Engineering, 2018, 44(8): 273-278.
[8]	TAN Yuesheng,XING Chenshuo,WANG Jingyu. A Cloud Access Control Scheme Supporting Fine-grained Attribute Change [J]. Computer Engineering, 2018, 44(8): 7-13.
[9]	YANG Kang,YUAN Haidong,GUO Yuanbo. Two-dimensional Code Hierarchical Encryption Algorithm Based on Attribute Encryption [J]. Computer Engineering, 2018, 44(6): 136-140.
[10]	WANG Sixiang,ZHANG Lei,CUI Qi,GAO Xianwei,DUAN Xiaoyi. Correlation Electromagnetic Analysis Attacks Based on Signal Amplified Technology [J]. Computer Engineering, 2018, 44(4): 181-186,192.
[11]	SUN Ning,ZHAO Weiping,HEN Mei,LI Chao. An Improved Algorithm of Philips Audio Fingerprint Retrieval [J]. Computer Engineering, 2018, 44(1): 280-284.
[12]	MA Min,LI Zhihui,XU Tingting. Verifiable (n,n) Threshold Quantum Secret Sharing Scheme [J]. Computer Engineering, 2017, 43(8): 169-172.
[13]	LIU Xinliang,DU Ruiying,CHEN Jing,WANG Chiheng,YAO Shixiong,CHEN Jiong. Security Threat and Defense Method for SSL/TLS Protocol Session Key [J]. Computer Engineering, 2017, 43(3): 147-153.
[14]	YANG Xiaodong,GAO Guojuan,ZHOU Qixu,LI Yanan,WANG Caifen. E-government Data Security Exchange Scheme Based on Proxy Re-signature [J]. Computer Engineering, 2017, 43(2): 183-188.
[15]	LIN Yi,LIAO Qinzhi. Tamper Detection of DICOM File Header Information Based on Lossless Watermarking [J]. Computer Engineering, 2016, 42(5): 151-155,162.

Please choose a citation manager

Content to export

User Authentication Scheme Based on D-H Key Exchange Protocol

基于D-H密钥交换协议的用户认证方案

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments

模态框（Modal）标题

Please choose a citation manager

Content to export

User Authentication Scheme Based on D-H Key Exchange Protocol

基于D-H密钥交换协议的用户认证方案

PDF

Knowledge

Cited

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

Comments