基于硬件指纹和生物特征的多因素身份认证协议

doi:10.3969/j.issn.1671-1122.2020.08.002

信息网络安全 ›› 2020, Vol. 20 ›› Issue (8): 9-15.doi: 10.3969/j.issn.1671-1122.2020.08.002

基于硬件指纹和生物特征的多因素身份认证协议

张骁, 刘吉强()

北京交通大学计算机信息与技术学院,北京 100044

收稿日期:2020-04-11 出版日期:2020-08-10 发布日期:2020-10-20
通讯作者: 刘吉强 E-mail:jqliu@bjtu.edu.cn
作者简介:张骁（1991—）,男,河南,博士研究生,主要研究方向为短距离通信安全、隐私保护、物联网安全|刘吉强（1973—）,男,山东,教授,博士,主要研究方向为可信计算、安全协议、隐私保护、网络安全
基金资助:
国家自然科学基金(61672092);中央高校基本科研业务费(2018JBZ103);山东省重点研发计划（重大科技创新工程）(2019JZZY020128)

Multi-factor Authentication Protocol Based on Hardware Fingerprint and Biometrics

ZHANG Xiao, LIU Jiqiang()

School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China

Received:2020-04-11 Online:2020-08-10 Published:2020-10-20
Contact: LIU Jiqiang E-mail:jqliu@bjtu.edu.cn

摘要/Abstract

摘要：

文章提出一种面向智能设备间短距离通信的多因素身份认证协议,将用户账户密钥作为知识因素、智能设备扬声器硬件指纹作为所有权因素、用户面部信息作为生物信息因素,从而抵抗一些常见攻击。文章提出的协议适用于不依赖额外硬件的短距离通信方式,协议利用信道特点结合硬件指纹和面部识别技术,在实现安全身份认证的同时为后续通信提供通信密钥,且后续通信不需要用户付出额外的认证动作便可对用户设备信息持续认证。安全分析和实验证明,该协议可以抵抗重放攻击、硬件指纹伪造攻击、智能设备被盗攻击等常见攻击,在智能家居、移动支付、非接触门禁等高安全性需求场景中有很大的应用价值。

关键词: 多因素身份认证, 硬件指纹, 生物特征, 短距离通信安全

Abstract:

This paper proposes a multi-factor authentication protocol for short-range communication between smart devices. It can prevent the common attacks, such as smartphone lost attack, man-in-the-middle attack, replay attack, by combining the user’s account key as a knowledge factor, the smart device speaker hardware fingerprint as a ownership factor, and the user’s facial information as a biological information factor. This protocol proposes is suitable for no extra hardware short-range communication methods. This paper uses the high-security features of audio channel to continuously authentication while authentication side received data signals. Security analysis and experiments prove that the protocol has high application value in high security scenario, such as smart home, mobile payment, and contactless access control.

Key words: multi-factor authentication, hardware fingerprint, biometrics, short-range communication security

中图分类号:

TP309

张骁, 刘吉强. 基于硬件指纹和生物特征的多因素身份认证协议[J]. 信息网络安全, 2020, 20(8): 9-15.

ZHANG Xiao, LIU Jiqiang. Multi-factor Authentication Protocol Based on Hardware Fingerprint and Biometrics[J]. Netinfo Security, 2020, 20(8): 9-15.

图/表 6

图1

表1

图2

图3

图4

表2

参考文献 20

[1]	DENSO WAVE. What is a QR Code[EB/OL]. https://www.qrcode.com/en/about/, 2020-1-11.
[2]	YUAN Wenjia, DANA K, ASHOK A, et al. Dynamic and Invisible Messaging for Visual MIMO[C]// IEEE. 2012 IEEE Workshop on the Applications of Computer Vision(WACV), January 9-11, 2012, Breckenridge, CO, USA. New Jersey: IEEE, 2012: 345-352.
[3]	NANDAKUMAR R, CHINTALAPUDI K K, PADMANABHAN V, et al. Dhwani: Secure Peer-to-Peer Acoustic NFC[J]. ACM SIGCOMM Computer Communication Review, 2013,43(4):63-74. doi: 10.1145/2534169.2486037 URL
[4]	LAMPORT L. Password Authentication with Insecure Communication[J]. Communications of the ACM, 1981,24(11):770-772.
[5]	GUNSON N, MARSHALL D, MORTON H, et al. User Perceptions of Security and Usability of Single-factor and Two-factor Authentication in Automated Telephone Banking[J]. Computers & Security, 2011,30(4):208-220.
[6]	NIMMY K, SANKARAN S, ACHUTHAN K. A Novel Multi-factor Authentication Protocol for Smart Home Environments[C]// Springer. International Conference on Information Systems Security, ICISS 2018, December 17-19, 2018, Bengaluru, India. New York: Springer, 2018: 44-63.
[7]	FERNANDES E, JUNG J, PRAKASH A. Security Analysis of Emerging Smart Home Applications[C]// IEEE. 2016 IEEE Symposium on Security and Privacy(SP), May 23-25, 2016, FAIRMONT, SAN JOSE, CA. New Jersey: IEEE, 2016: 636-654.
[8]	WANG Anran, LI Zhuoran, PENG Chunyi, et al. InFrame++ Achieve Simultaneous Screen-Human Viewing and Hidden Screen-Camera Communication[C]// SIGMOBILE. The 13th Annual International Conference on Mobile Systems, Applications, and Services, MobiSys’15, May 18-22, 2015, Florence, Italy. New York: Association for Computing Machinery, 2015: 181-195.
[9]	ZHANG Xiao, LIU Jiqiang, CHEN Si, et al. PriWhisper+: An Enhanced Acoustic Short-range Communication System for Smartphones[J]. IEEE Internet of Things Journal, 2018,6(1):614-627.
[10]	YU Yi, HE Jingsha, ZHU Nafei, et al. A New Method for Identity Authentication Using Mobile Terminals[EB/OL]. https://doi.org/10.1007/978-3-030-22277-2_31, 2020-1-1.
[11]	SARKAR A, SINGH B K. A Novel Session Key Generation and Secure Communication Establishment Protocol Using Fingerprint Biometrics[M]. Switzerland: Springer, Cham, 2020.
[12]	SUN Jianguo, ZHONG Qi, KOU Liang, et al. A Lightweight Multi-factor Mobile User Authentication Scheme[C]// IEEE. INFOCOM 2018-IEEE Conference on Computer Communications Workshops(INFOCOM WKSHPS), April 15-19, 2018, Honolulu, HI, USA. New Jersey: IEEE, 2018: 831-836.
[13]	BHUVANESWARI M, PARAMASIVAN B, ALDABBAS H. A Two-Level Authentication Protocol for Vehicular Adhoc Networks[C]// Springer. Intelligent Computing Paradigm and Cutting-edge Technologies: Proceedings of the First International Conference on Innovative Computing and Cutting-edge Technologies(ICICCT 2019), April 29-30, 2019, Namakkal, Tamil Nadu, India. New York: Springer, 2019: 139-147.
[14]	CHALLA S, DAS A K, ODELU V, et al. An Efficient ECC-based Provably Secure Three-factor User Authentication and Key Agreement Protocol for Wireless Healthcare Sensor Networks[EB/OL]. http://www.socolar.com/Article/Index?aid=100056319114&jid=100000003579, 2020-2-10.
[15]	CAPROLU M, SCIANCALEPORE S, DI PIETRO R, Short-range Audio Channels Security: Survey of Mechanisms, Applications,Research Challenges[EB/OL]. https://arxiv.org/abs/2001.02877, 2020-2-10.
[16]	BA Zhongjie, QIN Zhan, FU Xinwen, et al. CIM: Camera in Motion for Smartphone Authentication[J]. IEEE Transactions on Information Forensics and Security, 2019,14(11):2987-3002.
[17]	CHEN Dajiang, ZHANG Ning, QIN Zhiguang, et al. S2M: A Lightweight Acoustic Fingerprints-based Wireless Device Authentication Protocol[J]. IEEE Internet of Things Journal, 2016,4(1):88-100.
[18]	PALANISWAMY B, CAMTEPE S, FOO E, et al. Continuous Authentication for VANET[EB/OL]. https://doi.org/10.1016/j.vehcom.2020.100255, Vehicular Communications, 2020-4-16.
[19]	FENG Huan, FAWAZ K, SHIN K G. Continuous Authentication for Voice Assistants[C]// ACM. 23rd Annual International Conference on Mobile Computing and Networking, October 16-20, 2017, Snowbird, Utah, USA. New York: ACM, 2017: 343-355.
[20]	BURROWS M, ABADI M, NEEDHAM R M. A Logic of Authentication[J]. ACM Transactions on Computer System, 1990,8(1):18-36.

符号	含义
${{R}_{k}}$	密钥随机数
${{R}_{t}}$	时间戳随机数
$I{{D}_{u}}$	用户账号
${{P}_{{}}}$	用户设定的密码
${{F}_{f}}$	用户面部特征
${{F}_{h}}$	扬声器硬件指纹
${{A}_{i}}$	第i次声音信号
$D$	硬件指纹学习音频

	S2M^[17]	ABC^[16]	SUN^[12]	本文协议
抗窃听攻击	Yes	Yes	Yes	Yes
抗重放攻击	No	Yes	Yes	Yes
抗设备被盗攻击	No	No	Yes	Yes
抗中间人攻击	Yes	Yes	No	Yes
抗密码猜测攻击	Yes	Yes	Yes	Yes
抗伪造攻击	No	Yes	Yes	Yes
持续认证	No	No	No	Yes
基于信道特点优化	Yes	Yes	No	Yes

基于硬件指纹和生物特征的多因素身份认证协议

Multi-factor Authentication Protocol Based on Hardware Fingerprint and Biometrics

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 6

参考文献 20

相关文章 6

编辑推荐

Metrics

本文评价

[1]	张富友, 王琼霄, 宋利. 基于生物特征识别的统一身份认证系统研究[J]. 信息网络安全, 2019, 19(9): 86-90.
[2]	亢保元, 颉明明, 司林. 基于生物识别技术的多云服务器认证方案研究[J]. 信息网络安全, 2019, 19(6): 45-52.
[3]	游林, 梁家豪. 基于同态加密与生物特征的安全身份认证研究[J]. 信息网络安全, 2018, 18(4): 1-8.
[4]	宋新霞, 马佳敏, 陈智罡, 陈克非. 基于SEAL的虹膜特征密文认证系统[J]. 信息网络安全, 2018, 18(12): 15-22.
[5]	王毓娜, 吕秋云. 基于生物识别的网络身份认证新方案[J]. 信息网络安全, 2014, 14(8): 1-5.
[6]	张芙蓉. 结合生物特征识别技术的音频水印算法研究[J]. , 2011, 11(8): 0-0.