摘要
随着网络和通信技术的发展,多服务器的身份认证问题成为近几年研究的重点。针对Chuang等人提出的基于生物特征的多服务器密钥认证方案存在的安全性不足等问题,Wang等人进行了改进,但是仍未解决不同服务器密钥相同造成的恶意攻击和伪造攻击等问题。因此,提出了一种更安全的基于智能卡的多服务器身份认证方案。该方案在服务器注册阶段,将高熵秘密数与服务器的ID进行计算再重新分配给服务器,使得不同的服务器具有不同的密钥。最后通过五个方案功能和性能比较分析,得出改进方案比前三种方案时间上分别缩短了16.67%、20%、28.57%,且能有效阻止恶意服务器攻击、伪造攻击、重放攻击和中间人攻击等多种攻击,安全性得到了提高,满足实际网络的高可靠性需求。
With the development of network and communication technology, multi-server identity authentication issue has become the focus of research in recent years. Chuang et al for the biometric-based multi-server key authentication scheme has insufficient security issues, Wang et al has been improved, but is still not resolve the same server key causes different malicious attacks and forgery attacks and other attacks. Therefore, this paper presented a safer smart card-based multi-server identity authentication scheme. The program on the server registration stage, it calculated and re-assigned the ID number of the server and high entropy secret to the server, so that different servers had different keys. Finally, it could be concluded from a comparative analysis about function and performance of the five programs that shortened the time of improvement program by 16. 67%, 20%, 28.57% than the first three programs. The improvement program can effectively prevent malicious attack, forgery attack, replay attack and intermediaries attacks and other attacks, and improve security to meet the actual needs of the network with high reliability.
出处
《计算机应用研究》
CSCD
北大核心
2017年第11期3446-3450,共5页
Application Research of Computers
基金
国家自然科学基金资助项目(61202027)
北京市属高等学校创新团队建设与教师职业发展计划资助项目(IDHT20150507)
关键词
多服务器
身份认证
密钥协商
智能卡
multi-server
identity authentication
key agreement
smart card