检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:周致成 李立新[1] 郭松 李作辉[1] ZHOU Zhicheng, LI Lixin , GUO Song, LI Zuohui(Information Engineering University, Zhengzhou Henan 450001, Chin)
机构地区:[1]信息工程大学,郑州450001
出 处:《计算机应用》2018年第6期1620-1627,共8页journal of Computer Applications
基 金:信息工程大学科研基金资助项目(2016609903)~~
摘 要:为解决传统跨域认证方式不多且方案复杂的问题,提出了基于区块链技术的生物特征和口令双因子跨域认证方案。首先,使用模糊提取技术提取生物特征的随机密钥参与认证,解决了生物特征泄露导致永久不可用的问题;其次,利用不易篡改的区块链存储生物特征公开信息,解决了模糊提取技术易受主动攻击威胁的问题;最后,基于区块链的分布式存储功能与联盟链架构,实现了用户在本地和异地环境下的双因子跨域认证。安全性分析和效率分析的结果表明,在安全性方面,所提方案具有抗中间人攻击、抗重放攻击等安全属性;在效率与可用性方面,该方案效率适中,用户无需携带智能卡,系统的可扩展性强。The traditional cross domain authentication schemes are few and complex. In order to solve the problems, a new biometric and password two-factor cross domain authentication scheme based on blockchain technology was proposed.Firstly, the fuzzy extraction technology was used to extract the random key of biometrics for participation authentication, and the problem of permanent unavailability caused by the biometric leakage was solved. Secondly, the untampered blockchain was used to store the public information of biometrics, and the threat of being vulnerable to active attacks for the fuzzy extraction technology was solved. Finally, based on the distributed storage function and consortium blockchain architecture of blockchain, the two-factor cross domain authentication of user in local and remote environment was realized. The results of security analysis and efficiency analysis show that, in terms of security, the proposed scheme has the security properties of anti-man-in-the-middle attack and anti-replay attack; in terms of efficiency and feasibility, the efficiency of the proposed scheme is moderate, users do not need to carry smart cards, and the expandability of system is strong.
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7