一种适于受限资源环境的远程用户双向身份鉴别方案

An Efficient Remote User Mutual Authentication Scheme for Resource-limited Environment

作者：方恩博(四川大学信息安全研究所)；刘嘉勇(四川大学信息安全研究所)；肖丰霞(四川大学信息安全研究所)

Author：Fang Enbo(Inst. of Info. Security,Sichuan Univ.)；Liu Jiayong(Inst. of Info. Security,Sichuan Univ.)；Xiao Fengxia(Inst. of Info. Security,Sichuan Univ.)

收稿日期：2011-03-29 年卷（期）页码：2011,43(5):140-145

期刊名称：工程科学与技术

Journal Name：Advanced Engineering Sciences

关键字：身份鉴别；可修复性；智能卡；口令猜测攻击

Key words：authentication;reparability;smart card;password guessing attack

基金项目：欧盟FP7项目（no.247083）

中文摘要

针对计算资源受限环境下的远程用户身份鉴别问题，在分析一种基于智能卡的远程用户身份鉴别方案安全问题的基础上，通过引入二次散列函数和注册随机因子，提出一种更加安全高效的身份鉴别方案。安全性分析结果表明，所提出鉴别方案可解决原方案不能对抗离线口令猜测攻击和假冒攻击的脆弱性，同时保持了原方案计算代价低、可实现双向鉴别等特点，使在计算资源受限环境下的应用具有更好的安全性和实用性。

英文摘要

Aiming at remote user authentication scheme with resource-limited environment, a smart card based password authentication scheme’s security flaws were analyzed, and an efficient authentication scheme with better security strength was proposed by introducing quadratic hash function and registered random factor. The security analysis showed that the proposed scheme can solve the security problem of being vulnerable towards off-line password guessing and forgery attacks, meanwhile keeping the merits of original schemes, such as low computation cost and mutual authentication. The proposed scheme can achieve better performances in security and practical operations under resource-limited conditions.

【关闭】

论文摘要

一种适于受限资源环境的远程用户双向身份鉴别方案

An Efficient Remote User Mutual Authentication Scheme for Resource-limited Environment