一种基于CPK的远程认证方案  被引量:2

A Remote Authentication Scheme Based on CPK

在线阅读下载全文

作  者:陈亚茹 陈庄[1] 齐锋[1] ChenYaru;Chen Zhuang;Qi Feng(School of Computer Science and Engineering,Chongqing University of Technology,Chongqing 40005)

机构地区:[1]重庆理工大学计算机科学与工程学院,重庆400054

出  处:《信息安全研究》2018年第11期1034-1039,共6页Journal of Information Security Research

基  金:重庆市研究生科研创新基金项目(CYS18312)

摘  要:随着宽带网络的接入和企业移动办公模式的兴起,针对现有的客户端与服务器远程认证过程中存在客户端私钥泄露、ECDH协议遭受中间人攻击等问题,提出了一种改进的CPK认证方案,有效地解决客户端私钥泄露、ECDH协议遭受中间人攻击的问题,实现了多用户并发登录.提出的改进方案是基于随机数的CPK算法,该算法是在原CPK基础上对密钥协商协议进行了改进,同时用随机数对用户标识进行绑定,不同私钥有不同的随机数,不存在线性关系.通过模拟实验对比,证明该认证方案有较强的安全性及较高计算效率.With the access of broadband network and the rise of enterprise mobile office models. Aiming at the problems of client private key leaking and ECDH protocol being attacked by man-in-the-middle in the process of remote authentication between client and server, an improved CPK authentication scheme is proposed, which effectively solves the problems of client private key leaking and ECDH protocol being attacked by middle-man, and realizes multi-user concurrent login. The proposed improvement scheme is CPK algorithm based on random numbers, this algorithm improves the key protocol based on the original CPK, and binds the user id with a random number. Different private keys have different random numbers and no linear relationship. Through the comparison of performance, it is proved that the scheme has strong security and computational efficiency.

关 键 词:远程认证 CPK算法 随机数 ECDH协议 私钥泄露 

分 类 号:TP309[自动化与计算机技术—计算机系统结构]

 

参考文献:

正在载入数据...

 

二级参考文献:

正在载入数据...

 

耦合文献:

正在载入数据...

 

引证文献:

正在载入数据...

 

二级引证文献:

正在载入数据...

 

同被引文献:

正在载入数据...

 

相关期刊文献:

正在载入数据...

相关的主题
相关的作者对象
相关的机构对象