三因子匿名认证与密钥协商协议  被引量：3

作　　者：张平[1] 贾亦巧 王杰昌 石念峰 ZHANG Ping;JIA Yiqiao;WANG Jiechang;SHI Nianfeng(School of Mathematics and Statistics,Henan University of Science and Technology,Luoyang Henan 471023,China;Computer Teaching and Research Section,Physical Education College of Zhengzhou University,Zhengzhou Henan 450044,China;General Hospital of Eastern Theater Command,Nanjing Jiangsu 210002,China)

机构地区：[1]河南科技大学数学与统计学院,河南洛阳471023 [2]郑州大学体育学院计算机教研室,郑州450044 [3]东部战区总医院,南京210002

出　　处：《计算机应用》2021年第11期3281-3287,共7页journal of Computer Applications

基　　金：国家自然科学基金资助项目(11401172);河南省高等学校重点科研项目(20A520012)。

摘　　要：为确保通信双方的信息安全,很多认证与密钥协商(AKA)协议被提出并应用于实际场景中。然而现有三因子协议都存在安全漏洞,如易受智能卡丢失攻击、口令猜测攻击等,有的更是忽略了匿名性。针对上述问题提出了一种三因子匿名认证与密钥协商协议。该协议通过融合智能卡、口令和生物认证技术,并增加口令与生物特征更新阶段以及智能卡更新分配阶段,并利用椭圆曲线上的计算性Diffie-Hellman(CDH)假设进行信息交互,来实现安全通信。在随机预言机模型下证明了所提协议的安全性。与同类协议进行对比分析的结果表明,所提协议能有效防范智能卡丢失攻击、重放攻击等多种攻击,实现了匿名性、口令自由更新等更全面的功能,且具有较高的计算和通信效率。To ensure the information security of communication between two parties,many Authenticated Key Agreement(AKA)protocols have been proposed and applied in practical scenarios.However,the existing three-factor protocols have security vulnerabilities,such as being vulnerable to smart card loss attacks and password guessing attacks,and some even ignore anonymity.In order to solve the problems,a new three-factor anonymous authentication and key agreement protocol was proposed.In the proposed protocol,smart card,password and biometric authentication technology were integrated,the password and biometric characteristic update phase,the update and distribution phase of the smart card were added,and the Computational Diffie-Hellman(CDH)assumption on the elliptic curve was used for information interaction so as to realize secure communications.The security of the proposed protocol was proved by using the random oracle model.Compared with similar protocols,the analysis results show that the proposed protocol can prevent many attacks such as smart card loss attacks and replay attacks,realizes more comprehensive functions such as anonymity and free updating of password,and has higher computing and communication efficiency.

关 键 词：匿名认证 密钥协商 安全性证明 智能卡 生物认证技术 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]