一种漫游网络中可证安全的用户认证方案研究

doi:10.3969/j.issn.1671-1122.2015.07.008

信息网络安全 ›› 2015, Vol. 15 ›› Issue (7): 51-57.doi: 10.3969/j.issn.1671-1122.2015.07.008

一种漫游网络中可证安全的用户认证方案研究

李慧智(), 韩广国, 王沂

杭州电子科技大学理学院,浙江杭州 310018

收稿日期:2015-06-17 出版日期:2015-07-01 发布日期:2015-07-28
作者简介:
作者简介：李慧智（1990-）,女,湖南,硕士研究生,主要研究方向：代数及其应用;韩广国（1972-）,男,山东,教授,博士,主要研究方向：群与组合结构、代数几何码和密码学;王沂（1991-）,女,陕西,硕士研究生,主要研究方向：代数及其应用。
基金资助:
国家自然科学基金[11471123];浙江省自然科学基金[LY12A01004]

Provable Security Research on User Authentication Scheme of Roaming Network

LI Hui-zhi(), HAN Guang-guo, WANG Yi

College of Science, Hangzhou Dianzi University, Hangzhou Zhejiang 310018, China

Received:2015-06-17 Online:2015-07-01 Published:2015-07-28

摘要/Abstract

摘要：

全球移动网络(GLOMONET)允许移动用户漫游进外部网络时仍能取得家庭网络的服务。因此,为了确保通信的安全进行,提供服务前移动用户必须经过验证。由于智能卡在管理密码文件中具有防篡改及便捷的优点,近期一些基于智能卡的安全认证方案被相继提出。文章指出了已有方案中的一些安全漏洞,并在此基础上提出了一个改进的安全并匿名的用户认证方案。该方案采用椭圆曲线加密,整个过程都使用低成本的函数如单向哈希函数和异或运算,安全性能高、计算量少、存储空间占用小,更适合于节能移动设备。方案只需要在用户、外地代理和家庭代理之间进行4次信息交换。方案具有重要的安全属性如单一用户注册、安全匿名性、无密码表等,且已证明能抵制重放攻击、已知密钥攻击、模仿攻击、内部攻击等各种恶意攻击。

关键词: 漫游网络, 智能卡, 匿名安全

Abstract:

Global mobility network (GLOMONET) is a useful network environment which allows a mobile user to access the services provided by his home network in a foreign network. In order to ensure the secure communications conducted over the GLOMONET, it is important to authenticate mobile users before providing services. Recently, due to the advantages of tamper-resistance and convenience in managing the password files, some secure authentication schemes based on smart cards are proposed. The article points out the security vulnerabilities in some schemes and proposes a modified user authentication scheme. The scheme adopts the elliptic curve encryption system and uses low-cost function such as one-way hash function and exclusive-OR operation, so it is more secure and it has smaller amounts of calculations and smaller storage spaces. It is more suitable for battery-powered mobile equipments. It only requires four information exchanges between user and two agents. It possesses important security attributes including single registration, user anonymity, and no password table. The scheme is proved that can resist various attacks such as replay attack, known-key attack, imitation attack, and inside attack.

Key words: roaming network, smart card, anonymity security

中图分类号:

TP309

李慧智, 韩广国, 王沂. 一种漫游网络中可证安全的用户认证方案研究[J]. 信息网络安全, 2015, 15(7): 51-57.

LI Hui-zhi, HAN Guang-guo, WANG Yi. Provable Security Research on User Authentication Scheme of Roaming Network[J]. Netinfo Security, 2015, 15(7): 51-57.

图/表 1

参考文献 20

[1]	ZHU J M, MA J F.A new authentication scheme with anonymity for wireless environments[J]. IEEE Transactions on Consumer Electronics, 2004, 50(1): 230-234.
[2]	Chenchi Lee, Minshiang Hwang, Ien Liao.Security enhancement on a new authentication scheme with anonymity for wireless environments[J]. IEEE Transactions on Consumer Electronics, 2006, 53(5): 1683-1687.
[3]	李顺东,王道顺. 现代密码学:理论、方法与研究前沿[M]. 北京:科学出版社,2009.
[4]	Douglas R Stinson著. 密码学原理与实践(第三版)[M].冯登国译.北京:电子工业出版社,2009.
[5]	Chiachun Wu, Weibin Lee.A secure authentication scheme with anonymity for wireless communications[J]. IEEE Communications Letters ,2008, 12(10): 722-723.
[6]	Peng Zeng, Zhenfu Cao, Kimkwang Choo.On the anonymity of some authentication schemes for wireless communications[J]. IEEE Communications Letters, 2009, 13(3): 170-171.
[7]	Jiseon Lee, Jikchang Chang, Donghoon Lee.Security flaw of authentication scheme with anonymity for wireless communications[J]. IEEE Communications Letters, 2009, 13(5): 292-293.
[8]	Darrel Hankerson,Alfred Menezes,Scott Vanstone著.椭圆曲线密码学导论[M].张焕国,等译.北京:电子工业出版社,2003.
[9]	Daojing He, Maode Ma, Yan Zhang, et al.A strong user authentication with smart cards for wireless communications[J]. Comput. Commun, 2010, 31(2): 1-8.
[10]	Teakyoung Youn, Youngho Park, Jongin Lim.Weaknesses in an anonymous authentication scheme for roaming service in global mobility networks[J]. IEEE Communications Letters, 2009, 13(7): 471-473.
[11]	Blaze M, Ioannidis J, Keromytis AD, et al.Anonymity in wireless broadcast networks[J]. Inteernational Journal of Network Security,2009,8(1):37-51.
[12]	卢开澄,卢华明,椭圆曲线算法导引[M]. 北京:清华大学出版社,2008.
[13]	桑林琼,王玉柱,高峰. 一种基于RSA的军用智能卡双向身份认证方案设计与分析[J].后勤工程学院学报,2007,(2):30-35.
[14]	王沂,韩广国,李慧智.无线网络中可证安全的移动用户密钥交换协议[J].信息网络安全,2015.(3):54-58.
[15]	Zhou Tao, Xu Jing.Provable secure authentication protocal with anonymity for roaming service in global mobility networks[J]. Computer Networks,2011,(2):205-213.
[16]	Daojing He, Chun Chen, Sammy Chan, et al.Design and validation of an efficient authentication scheme with anonymity for roaming service in global mobility networks[J]. Wireless Pers Commun, 2011, 25(5): 465-467.
[17]	Minsu park, Hyunsung Kim, Sung Woon Lee. Privacy preserving biometric-based user authentication protocol using smart cards[J]. IEEE International Conference on Computational Science and Engineering, 2014, 14(3): 1541-1544.
[18]	Huixian Li, Yafang Yang, Liaojun Pang.An Efficient Authentication Protocol with user anonymity for mobile networks[J]. IEEE Wireless Communications and Networking Conference,2013,13(9): 1842-1847.
[19]	Ashok Kumar Das.A Secure User Anonymity-Preserving Three-Factor Remote User Authentication Scheme for the Telecare Medicine Information Systems[J]. Springer Science Business Media, 2015,(1):67-71.
[20]	Zezhong Zhang, Qingqing Qi, Neeraj Kumar, et al.A secure authentication scheme with anonymity for session initiation protocol using elliptic curve cryptography[J]. Springer Science Business Media,2014,(3):453-455.

一种漫游网络中可证安全的用户认证方案研究

Provable Security Research on User Authentication Scheme of Roaming Network

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 20

相关文章 11

编辑推荐

Metrics

本文评价

[1]	亢保元, 颉明明, 司林. 基于生物识别技术的多云服务器认证方案研究[J]. 信息网络安全, 2019, 19(6): 45-52.
[2]	孙长辉, 张令臣, 高能. 一种基于智能卡认证的LVS集群方案设计[J]. 信息网络安全, 2017, 17(2): 59-65.
[3]	张俊芙, 胡爱群. 基于智能卡的远程文件安全管理系统设计和开发[J]. 信息网络安全, 2016, 16(8): 68-73.
[4]	梁颖升, 王琼霄, 马存庆, 王丽萍. 一种基于移动终端的可信消息传输方案设计[J]. 信息网络安全, 2015, 15(9): 158-162.
[5]	赵烽. 非接触智能卡安全分析与探讨[J]. , 2013, 13(2): 0-0.
[6]	章玥;郭建;朱晓冉. 基于模型的开发方法在多应用智能卡中的应用[J]. , 2013, 13(12): 0-0.
[7]	李欣. 一种基于智能卡的Android权限管理方法研究[J]. , 2012, 12(8): 0-0.
[8]	夏伟;李晖;崔彦平. 移动网银安全研究[J]. , 2012, 12(10): 0-0.
[9]	吴彬. 关于非接触式IC卡安全性的探究[J]. , 2011, 11(6): 0-0.
[10]	陈宇. 一卡通消费系统在电子商务中的安全应用探讨[J]. , 2010, (8): 0-0.
[11]	周利华;周虎生;文伟平. 一种新型软件加密流程的设计[J]. , 2010, (5): 0-0.