鲁棒且高效的远程认证及密钥协商协议

计算机应用 ›› 2012, Vol. 32 ›› Issue (05): 1381-1384.

鲁棒且高效的远程认证及密钥协商协议

唐宏斌,刘心松

电子科技大学计算机科学与工程学院，成都 610054

收稿日期:2011-11-07 修回日期:2011-12-15 发布日期:2012-05-01 出版日期:2012-05-01
通讯作者: 唐宏斌
作者简介:唐宏斌（1973-），男，广西河池人，博士研究生，主要研究方向：分布式系统、密码学协议；刘心松（1940-），男，重庆石柱人，教授，博士，主要研究方向：数字有机体系统。

Robust and efficient remote authentication with key agreement protocol

TANG Hong-bin,LIU Xin-song

School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China

Received:2011-11-07 Revised:2011-12-15 Online:2012-05-01 Published:2012-05-01
Contact: TANG Hong-bin

摘要/Abstract

摘要： 由于口令容易记忆，基于口令的认证协议已被广泛采用于各种网络服务中。然而由于口令的低熵性导致了基于口令的认证协议易遭受到各种攻击。2011年，Islam等(ISLAM SK H, BISWAS G P. Improved remote login scheme based on ECC. IEEE-International Conference on Recent Trends in Information Technology. Washington, DC: IEEE Computer Society, 2011： 1221-1226)提出一种改进的基于椭圆曲线的远程登录协议，该协议存在着被盗校验子攻击和客户身份冒充攻击，同时并未能提供双向认证。为了解决此类问题提出了一种基于椭圆曲线的远程认证和密钥协商协议(RAKA)，RAKA基于椭圆曲线离散对数难题，在执行过程中只需做6次点乘运算和7次哈希运算，比Islam等协议少用1次点乘运算，协议效率提高约15%，是一种比Islam等协议更安全、高效的协议。

关键词: 密码学, 认证, 协议, 椭圆曲线密码系统, 密钥协商, 口令

Abstract: Password-based authentication and key exchange protocol have been widely used in various network services due to easy memory of password. Unfortunately, password-based authentication scheme also suffers from attacks because of the low entropy of password. In the year 2011, Islam et al.（ISLAM SK H, BISWAS G P. Improved remote login scheme based on ECC. IEEE-International Conference on Recent Trends in Information Technology. Washington, DC: IEEE Computer Society, 2011： 1221-1226）proposed an improved remote login scheme based on Elliptic Curve Cryptography (ECC).Whereas, the scheme was vulnerable to stolen-verifier and impersonation attacks and failed to provide mutual authentication. Therefore, the authors proposed a password-based Remote Authentication with Key Agreement (RAKA) protocol using ECC to tackle the problems in Islam et al.'s scheme. RAKA was based on Elliptic Curve Discrete Logarithm Problem (ECDLP) and needed to compute six elliptic curve scale multiplications and seven hash function operations during a protocol run. The efficiency improves by about 15%〖BP(〗 percent〖BP)〗. It is more secure and efficient than Islam et al.'s scheme.

Key words: cryptography, authentication, protocol, Elliptic Curve Cryptosystem (ECC), key agreement, password

中图分类号:

唐宏斌刘心松. 鲁棒且高效的远程认证及密钥协商协议[J]. 计算机应用, 2012, 32(05): 1381-1384.

TANG Hong-bin LIU Xin-song. Robust and efficient remote authentication with key agreement protocol[J]. Journal of Computer Applications, 2012, 32(05): 1381-1384.

参考文献

［1］LAMPORT L. Password authentication with insecure communication［J］.Communication of the ACM, 1981， 24(11): 770-772.

［2］PEYRAVIAN M, ZUNIC N. Methods for protecting password transmission［J］. Computers & Security, 2000， 19(5): 466-469.

［3］LEE C C, LI L H, HWANG M S. A remote user authentication scheme using hash functions［J］.ACM SIGOPS Operating Systems Review, 2002， 36(4): 23-29.

［4］HWANG J J, YEH T C. Improvement on Peyravian-Zunic's password authentication schemes［J］.IEICE Transactions on Communications, 2002，E85-B(4): 823-825.

［5］PEYRAVIAN M, JEFFRIES C. Secure remote user access over insecure networks［J］.Computer Communications, 2006， 29(5): 660-667.

［6］KU W C, CHEN C M, HUI L. Cryptanalysis of a variant of Peyravian-Zunic's password authentication scheme［J］.IEICE Transactions on Communications, 2003， E86-B(5): 1682-1684.

［7］LIN C L, HWANG T. A password authentication scheme with secure password updating［J］. Computers & Security, 2003， 22(1): 68-72.

［8］ZHU L, YU S, ZHANG X. Improvement upon mutual password authentication scheme［C］// International Seminar on Business and Information Management.Wuhan:IEEE, 2008， 1: 400-403.

［9］ISLAM SK H, BISWAS G P. Improved remote login scheme based on ECC［C］// International Conference on Recent Trends in Information Technology. Washington, DC: IEEE Computer Society, 2011： 1221-1226.

［10］YOON E J, YOO K Y. Robust user password change scheme based on the elliptic curve cryptosystem［J］.Fundamenta Informaticae, 2008， 87(3/4): 483-492.

［11］HE D B. Weaknesses in an ECC-based AKA protocol for wireless mobile communications ［EB/OL］. ［ 2011-09-11］.http://eprint.iacr.org/2011/336.pdf.

［12］KOBLITZ N. Elliptic curve cryptosystems［J］.Mathematics of Computation, 1987， 48(177): 203-209.

［13］CERTICOM RESEARCH. Standard for efficient cryptography, SEC 1: EC Cryptography. Ver. 1.0［EB/OL］. ［ 2011-09-11］.http://www.secg.org/collateral/sec1.pdf.

［14］DENNING D E, SACCO G M. Timestamps in key distribution protocols［J］.Communications of the ACM, 1981，24(8): 533-536.

[1]	肖跃雷, 邓小凡. 基于证书的有线局域网安全关联方案改进与分析[J]. 计算机应用, 2021, 41(7): 1970-1976.
[2]	杜心雨, 王化群. LTE-A网络中基于动态组的有效的身份认证和密钥协商方案[J]. 计算机应用, 2021, 41(6): 1715-1722.
[3]	吴恺凡, 殷新春. 基于随机运算符的轻量级匿名射频识别系统双向认证协议[J]. 计算机应用, 2021, 41(6): 1621-1630.
[4]	施安妮, 李陶深, 王哲, 何璐. 基于缓存辅助的全双工无线携能通信系统的中继选择策略[J]. 计算机应用, 2021, 41(6): 1539-1545.
[5]	郭帅, 苏旸. 基于数据流的加密流量分类方法[J]. 计算机应用, 2021, 41(5): 1386-1391.
[6]	谷正川, 郭渊博, 方晨. 基于代理重加密的消息队列遥测传输协议端到端安全解决方案[J]. 计算机应用, 2021, 41(5): 1378-1385.
[7]	祝永晋, 尹飞, 豆龙龙, 吴昆, 张志伟, 钱柱中. 基于前向纠错的自适应网络传输机制[J]. 计算机应用, 2021, 41(3): 825-832.
[8]	张平, 贾亦巧, 王杰昌, 石念峰. 三因子匿名认证与密钥协商协议[J]. 《计算机应用》唯一官方网站, 2021, 41(11): 3281-3287.
[9]	朱玉娜, 张玉涛, 闫少阁, 范钰丹, 陈韩托. 基于半监督子空间聚类的协议识别方法[J]. 计算机应用, 2021, 41(10): 2900-2904.
[10]	陈锦宇, 刘兆伟. 基于改进投票证明共识协议的车联网系统[J]. 计算机应用, 2021, 41(1): 170-176.
[11]	张兴兰, 赵怡静. 基于单光子的量子双向同步身份认证协议[J]. 计算机应用, 2020, 40(9): 2634-2638.
[12]	王明芬. 软件定义无线局域网的切换接入机制[J]. 计算机应用, 2020, 40(9): 2706-2711.
[13]	江泽涛, 徐娟娟. 云环境下基于签密的异构跨域身份认证方案[J]. 计算机应用, 2020, 40(3): 740-746.
[14]	王志恒, 徐彦彦. 基于TrustZone的移动云环境指纹认证终端APP的设计和实现[J]. 计算机应用, 2020, 40(11): 3255-3260.
[15]	袁驰. 基于身份的动态层簇式无线传感网络认证算法[J]. 计算机应用, 2020, 40(11): 3236-3241.