检索规则说明:AND代表“并且”;OR代表“或者”;NOT代表“不包含”;(注意必须大写,运算符两边需空一格)
检 索 范 例 :范例一: (K=图书馆学 OR K=情报学) AND A=范并思 范例二:J=计算机应用与软件 AND (U=C++ OR U=Basic) NOT M=Visual
名 称:
注 释:
作 者:黄朝阳 陈金木 HUANG Chaoyang;Chen Jinmu(School of Information Engineering,XiaMen Ocean College Xiamen Fujian 361100)
机构地区:[1]厦门海洋学院信息工程学院,福建厦门361100
出 处:《电子科技大学学报》2023年第5期747-755,共9页Journal of University of Electronic Science and Technology of China
基 金:中国高校产学研创新基金(2020ITA05024)。
摘 要:为在SIP认证协议中实现用户匿名性并提高协议的安全性能,将挑战/应答机制、椭圆曲线密码技术和口令认证相结合,提出一种新的匿名SIP认证协议。协议仅使用少量的椭圆曲线点乘运算,既保障认证的安全性又有效降低了整体运算量。协议在认证过程中引入高熵随机数,认证双方使用挑战/应答机制的三次握手实现双向认证,同时协商生成后续会话所需密钥。通过对协议的BAN逻辑分析和多种已知攻击的非形式化分析,证明该协议具有较高的安全性能。经与相关协议的效率比较,协议认证过程所需的运算量更小。In order to provide user anonymity in SIP(session initialization protocol)authentication protocol and improve the security performance of the protocol,a new anonymous SIP authentication protocol is proposed by combining challenge/response mechanism,elliptic curve cryptography and password authentication.The protocol only uses few point multiplication operations of elliptic curve cryptography,which not only ensures the security of authentication,but also effectively reduces the overall amount of computation.The protocol introduces high-entropy random number in the authentication process.The authentication parties use three handshakes of challenge/response mechanism to realize two-way authentication,and generate the key required for subsequent sessions at the same time.Through the BAN(Burrows,Abadi and Needham)logic analysis of the protocol and the informal analysis aim at many known attacks,it is proved that the protocol has high security performance.Compared with the efficiency of related protocols,the protocol authentication process requires less computation.
关 键 词:挑战/应答 椭圆曲线密码 HASH函数 口令认证 SIP协议
分 类 号:TP309.7[自动化与计算机技术—计算机系统结构]
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在载入数据...
正在链接到云南高校图书馆文献保障联盟下载...
云南高校图书馆联盟文献共享服务平台 版权所有©
您的IP:216.73.216.7