摘要
认证协议是确保服务器和用户通过公开网络进行安全通信的一个重要手段。针对2013年皮兰等提出的一种改进的基于智能卡的远程异步认证协议,指出皮兰等方案缺乏匿名性且对拒绝服务(Do S)攻击是脆弱的,并给出一种新的认证方案。新方案采用动态登录身份保护用户的匿名性和三次握手技术抵抗D o S攻击,通过安全性证明和性能分析说明了新协议的高效性。
Authentication protocol is a crucial technique to ensure the secure communication between remote server and users in the open network. In 2013 Pi et al. proposed an improved remote asynchronous authentication scheme with smart card. However, we investigate the scheme is inability to user's anonymity and vulnerable to denial of service(DoS) attack. In order to overcome the pitfalls in Pi et al. 's scheme, a smart card and dynamic identity based authentication scheme is proposed. The proposed scheme can resist all kinds of mentioned attacks as well as maintain efficient performance.
出处
《电子技术应用》
北大核心
2015年第3期97-100,共4页
Application of Electronic Technique
关键词
认证协议
匿名性
DOS攻击
动态身份
椭圆曲线密码体制
authentication scheme
anonymity
DoS attack
dynamic identity
elliptic curve cryptography(ECC)