信息网络安全 ›› 2019, Vol. 19 ›› Issue (10): 42-49.doi: 10.3969/j.issn.1671-1122.2019.10.006

• 技术研究 • 上一篇    下一篇

远程医疗环境下面向多服务器的轻量级多因子身份认证协议研究

张敏1,2, 许春香1, 黄闽英3()   

  1. 1.电子科技大学网络空间安全学院,四川成都 611731
    2.西南民族大学语言中心,四川成都 610041
    3.西南民族大学计算机科学与技术学院,四川成都 610041
  • 收稿日期:2019-07-04 出版日期:2019-10-10 发布日期:2020-05-11
  • 通讯作者: 黄闽英 E-mail:hmy101@swun.edu.com
  • 作者简介:

    作者简介:张敏(1983—),男,四川,实验师,博士,主要研究方向为信息安全与网络安全、身份认证协议;许春香(1965—),女,湖南,教授,博士,主要研究方向为信息安全、密码学;黄闽英(1975—),女,江西,副教授,硕士,主要研究方向为信息管理。

  • 基金资助:
    国家自然科学基金[61370203];国家重点研发计划[2017YFB0802000];中央高校基本科研业务费专项基金[2018NQN60]

Research on Multi-server Lightweight Multi-factor Authentication Protocol in Telemedicine Environment

Min ZHANG1,2, Chunxiang XU1, Minying HUANG3()   

  1. 1. School of Cyberspace Security, University of Electronic Science and Technology of China, Chengdu Sichuan 611731, China
    2. Language Center, Southwest Minzu University, Chengdu Sichuan 610041, China
    3. School of Computer Science and Technology, Southwest Minzu University, Chengdu Sichuan 610041, China
  • Received:2019-07-04 Online:2019-10-10 Published:2020-05-11
  • Contact: Minying HUANG E-mail:hmy101@swun.edu.com

摘要:

现有的远程医疗环境身份认证都是针对单服务器环境的,随着远程医疗体系的发展,用户需要访问多个医院服务器查询病情,也需要访问医保网站查询报销情况或访问其他第三方服务器。因此,对远程医疗环境下多服务器身份认证方案的研究具有积极意义。2019年,BARMAN等人提出了远程医疗环境下多服务器身份认证方案,但该方案存在可扩展性差、易遭受特权攻击、不能实现访问控制等安全问题。为了解决这些问题,文章提出了基于Fuzzy Commitment和HMAC算法的多因子身份认证方案,通过安全性分析、证明及仿真实验可知,文中方案具有较高的安全性,虽然计算量和通信开销略有增长,但能较好地解决BARMAN等人方案面临的安全威胁。

关键词: 多因子身份认证, 散列消息身份验证码, 多服务器, 轻量级, 模糊承诺

Abstract:

The existing telemedicine environment identity authentication is aimed at a single server environment. With the development of telemedicine systems, users have access to multiple hospital servers to query for medical conditions, as well as hospital server and commercial insurance or other third-party servers. Therefore, the research on multi-server identity authentication scheme in telemedicine environment has positive significance. In 2019, BARMAN et al. proposed a multi-server identity authentication scheme for telemedicine environment, but there are still many security problems in this scheme, such as poor scalability, vulnerable to privileged attacks, and inability to implement access control. In order to solve the above problems, this paper proposes a multi-factor identity authentication scheme based on Fuzzy Commitment and HMAC algorithm. Through analysis, it can be seen that the proposed scheme can solve the security threats of BARMAN’s scheme though the computation and communication increased slightly.

Key words: multi-factor authentication, HMAC, multi-server, light weight, fuzzy commitment

中图分类号: