检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:王超[1] 刘黎明[1] WANG Chao;LIU Li-ming(School of Software,Nanyang Institute of Technology,Nanyang 473004,China)
出 处:《计算机工程与设计》2018年第11期3368-3373,共6页Computer Engineering and Design
基 金:2017河南省科技攻关计划基金项目(172102210119)
摘 要:针对多服务器环境下的远程身份验证存在的安全性问题,提出基于椭圆曲线加密(ECC)的多因子远程用户身份验证协议。该协议所用的因子有密码、智能卡和生物统计信息。在登陆阶段,使用生物统计信息和密钥,将智能卡生成的时间戳信息作为一个依据发送到注册中心,保障基础数据的新鲜性;在身份验证阶段,检查时间戳信息和密钥等信息,由于攻击者无法检索这些基础信息,保障双向验证的顺利完成。BAN逻辑证明了所提协议能够提供安全准确的双向身份验证和会话密钥协商。安全性分析表明,与其它协议相比,所提协议可以抵御各种安全性威胁,总体计算成本较低。Aiming at the security problem of remote authentication in the environment of multiple server,a multiple-factor remote user authentication protocol based on elliptic curve cryptography(ECC)was proposed.The factors used in this protocol were ciphers,smart cards,and biometric information.On the landing stage,by using the biometric information and the key,the time stamp information generated by the smart card were sent to the registration center as a basis,making the basic data fresh.In the authentication stage,the time stamp information and the key information were checked,and the two-way authentication was completed successfully,because the attacker could not retrieve these basic information.The BAN logic proves that the proposed protocol can provide secure and accurate two-way authentication and session key negotiation.Security analysis shows that compared with other protocols,the proposed protocol can resist many kinds of security threats,and the overall cost of computing is low.
关 键 词:多服务器环境 椭圆曲线加密 远程身份验证 时间戳 BAN逻辑
分 类 号:TP393.08[自动化与计算机技术—计算机应用技术]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:3.145.163.13