基于ECC的物联网三因素双向认证协议  

作　　者：何耀 王以松[1,2] 张辉 HE Yao;WANG Yisong;ZHANG Hui(State Key Laboratory of Public Big Data,Guizhou University,Guiyang 550025,China;School of Computer Science and Technology,Guizhou University,Guiyang 550025,China;School of Information,Guizhou University of Finance and Economics,Guiyang 550025,China;Postdoctoral Scientific Research Station,Shiji Hengtong Technology Co.,Ltd.,Guiyang 550018,China)

机构地区：[1]贵州大学公共大数据国家重点实验室,贵阳550025 [2]贵州大学计算机科学与技术学院,贵阳550025 [3]贵州财经大学信息学院,贵阳550025 [4]世纪恒通科技股份有限公司博士后科研工作站,贵阳550018

出　　处：《智能计算机与应用》2024年第6期27-34,共8页Intelligent Computer and Applications

基　　金：国家自然科学基金(U1836205,61976065);2022年度贵州财经大学引进人才科研启动项目(2022YJ007);贵州省科技计划项目(黔科合支撑[2023]一般372);贵州省教育厅2023年度贵州省高校科学研究项目(黔教技[2023]063号)。

摘　　要：为解决物联网中用户和服务器双方认证过程中存在的隐私泄露、非法攻击等安全问题,提出一种基于ECC的物联网三因素双向认证协议。首先,使用ECC算法和Hash函数将用户密码、生物特征和智能卡三者结合生成三因素认证码,以提高系统安全性并降低系统运算复杂度。其次,认证双方通过2次信息交互实现双向认证,并引入数字签名和时间戳来保障认证的准确性与时效性,进一步增强协议安全性。最后,在认证结束后,设计会话密钥自动更新机制以防止会话密钥泄露引起的安全问题。在Ubuntu22.04虚拟机环境中对协议的操作时间进行测试,实验结果及分析表明,该协议对各种已知攻击具有鲁棒性,与其他协议相比,该协议具有明显的安全优势和性能优势。In order to solve the security problems such as privacy disclosure and illegal attacks in the authentication process of users and servers in the Internet of Things,a three-factor bidirectional authentication protocol based on ECC is proposed.Firstly,elliptic curve cryptography algorithm and Hash function are used to combine user password,biometric characteristics and smart card to generate three-factor authentication codes,which can improve system security and reduce system computational complexity.Secondly,the authentication parties use two information exchanges to achieve bidirectional authentication.And digital signature and timestamp are introduced to ensure the accuracy and timeliness of authentication,so as to enhance the protocol′s security.Finally,after completing the authentication,an automatic session key update mechanism is designed to prevent the security problems caused by session key disclosure.The operation time of the protocol is tested in the Ubuntu22.04 virtual machine environment.The experimental results and analysis show that the scheme is robust against various known attacks.Compared with other schemes,the proposed protocol has obvious security and performance advantages.

关 键 词：ECC算法 生物特征 智能卡 三因素双向认证 

分 类 号：TP309.2[自动化与计算机技术—计算机系统结构]