检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:曹阳[1] CAO Yang(School of Mathematics and Computer Science,Shaanxi University of Technology, Hanzhong 723000, Chin)
机构地区:[1]陕西理工大学数学与计算机科学学院,陕西汉中723000
出 处:《计算机技术与发展》2018年第5期131-134,共4页Computer Technology and Development
基 金:国家自然科学基金(21373132);陕西省教育科研计划项目(17JK0148)
摘 要:为了提高远程用户利用网络从不同服务器访问时身份认证的安全性,基于ECC密码体制及离散对数问题的难解性,利用hash函数的单向性,结合用户身份、口令提出了一种多服务器环境下动态身份认证密钥协商方案。该方案使用hash函数隐藏用户口令、身份,信息发送都是在安全信道上发送,由注册阶段、登录阶段、认证密钥协商阶段、口令更改阶段四个部分组成。注册时用户Ui向注册中心RC传送的是匿名身份;登录时用户Ui的身份是动态身份,实现了用户的强匿名性;密钥协商时实现了可信注册中心RC、服务器Sj及用户Ui三方相互认证。分析表明,方案具有抗重放攻击、抗伪造攻击、抗恶意合法用户攻击、三方认证、强匿名性等安全性。In order to improve the security of remote users' identity authentication with network to visit from different servers,based on ECC cryptography and the intractability of discrete logarithmic,with the one-way hash function,we propose a dynamic identity authenti- cation key agreement scheme under a multi-server environment combined with the users' identity and password. It takes advantage of hash function to hide the user' s password and identity. Message routing is completed through secure channel,consisting of register stage, Iogin stage,authentication key agreement stage and password change stage. User Ui sends an anonymous identity to the registry when reg- istering. In logging, the identity of user Ui is dynamic, which realizes the user' s strong anonymity. In key agreement, a three-party mutual anthenticationis completed among a reiiable registry RC, Sj server and user Ui . The analysis shows that the scheme has such security fea- tures as resisting replay attacks, resisting forgery attack, anti-malicious legal user attacks, three-party authentication proposed, and strong anonymity.
分 类 号:TP31[自动化与计算机技术—计算机软件与理论]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.28