《计算机应用》唯一官方网站 ›› 2021, Vol. 41 ›› Issue (11): 3281-3287.DOI: 10.11772/j.issn.1001-9081.2021010005

• 网络空间安全 • 上一篇    下一篇

三因子匿名认证与密钥协商协议

张平1, 贾亦巧1, 王杰昌2, 石念峰3()   

  1. 1.河南科技大学 数学与统计学院,河南 洛阳 471023
    2.郑州大学体育学院 计算机教研室,郑州 450044
    3.东部战区总医院,南京 210002
  • 收稿日期:2021-01-05 修回日期:2021-02-05 接受日期:2021-03-19 发布日期:2021-04-15 出版日期:2021-11-10
  • 通讯作者: 石念峰
  • 作者简介:张平(1976-),男,黑龙江牡丹江人,副教授,博士,CCF会员,主要研究方向:信息安全、密码学
    贾亦巧(1999-),女,河南洛阳 人,主要研究方向:数学与应用数学
    王杰昌(1985-),男,河南洛阳人,讲师,硕士,主要研究方向:计算机网络安全
    石念峰(1976-),男,河 南洛阳人,教授,博士,CCF会员,主要研究方向:计算机视觉、计算机网络安全。
  • 基金资助:
    国家自然科学基金资助项目(11401172);河南省高等学校重点科研项目(20A520012)

Three-factor anonymous authentication and key agreement protocol

Ping ZHANG1, Yiqiao JIA1, Jiechang WANG2, Nianfeng SHI3()   

  1. 1.School of Mathematics and Statistics,Henan University of Science and Technology,Luoyang Henan 471023,China
    2.Computer Teaching and Research Section,Physical Education College of Zhengzhou University,Zhengzhou Henan 450044,China
    3.General Hospital of Eastern Theater Command,Nanjing Jiangsu 210002,China
  • Received:2021-01-05 Revised:2021-02-05 Accepted:2021-03-19 Online:2021-04-15 Published:2021-11-10
  • Contact: Nianfeng SHI
  • About author:ZHANG Ping,born in 1976,Ph. D.,associate professor. His research interests include information security,cryptography
    JIA Yiqiao, born in 1999. Her research interests include mathematics and applied mathematics
    WANG Jiechang,born in 1985,M. S.,lecturer. His research interests include security of computer network
    SHI Nianfeng,born in 1976,Ph. D.,professor. His research interests include computer vision,security of computer network.
  • Supported by:
    the National Natural Science Foundation of China(11401172);the Key Scientific Research Project of Colleges and Universities in Henan Province(20A520012)

摘要:

为确保通信双方的信息安全,很多认证与密钥协商(AKA)协议被提出并应用于实际场景中。然而现有三因子协议都存在安全漏洞,如易受智能卡丢失攻击、口令猜测攻击等,有的更是忽略了匿名性。针对上述问题提出了一种三因子匿名认证与密钥协商协议。该协议通过融合智能卡、口令和生物认证技术,并增加口令与生物特征更新阶段以及智能卡更新分配阶段,并利用椭圆曲线上的计算性Diffie-Hellman(CDH)假设进行信息交互,来实现安全通信。在随机预言机模型下证明了所提协议的安全性。与同类协议进行对比分析的结果表明,所提协议能有效防范智能卡丢失攻击、重放攻击等多种攻击,实现了匿名性、口令自由更新等更全面的功能,且具有较高的计算和通信效率。

关键词: 匿名认证, 密钥协商, 安全性证明, 智能卡, 生物认证技术

Abstract:

To ensure the information security of communication between two parties, many Authenticated Key Agreement (AKA) protocols have been proposed and applied in practical scenarios. However, the existing three-factor protocols have security vulnerabilities, such as being vulnerable to smart card loss attacks and password guessing attacks, and some even ignore anonymity. In order to solve the problems, a new three-factor anonymous authentication and key agreement protocol was proposed. In the proposed protocol, smart card, password and biometric authentication technology were integrated, the password and biometric characteristic update phase, the update and distribution phase of the smart card were added, and the Computational Diffie-Hellman (CDH) assumption on the elliptic curve was used for information interaction so as to realize secure communications. The security of the proposed protocol was proved by using the random oracle model. Compared with similar protocols, the analysis results show that the proposed protocol can prevent many attacks such as smart card loss attacks and replay attacks, realizes more comprehensive functions such as anonymity and free updating of password, and has higher computing and communication efficiency.

Key words: anonymous authentication, key agreement, security proof, smart card, biometric authentication technology

中图分类号: