• Journal of the China Computer Federation
  • Chinese Science and Technology Core Journal
  • Chinese Core Journal

J4 ›› 2016, Vol. 38 ›› Issue (03): 465-470.


An improved remote user anonymous authentication scheme using smart cards

LIU Runjie, LIU Hengchao, SHEN Jinyuan

  1. School of Information Engineering, Zhengzhou University, Zhengzhou 450001, Henan, China
  • Received: 2015-02-28 Revised: 2015-05-21 Online: 2016-03-25 Published: 2016-03-25
  • Supported by:

    Industry-University-Research Project of the Henan Provincial Department of Science and Technology (142107000004)

Abstract:

Sonwanshi's remote user authentication scheme has several security flaws: poor session key security and an inability to resist impersonation attacks and offline password guessing attacks. We propose an improved scheme that mainly strengthens security in the registration and login phases. In the registration phase, the user's password is processed directly inside the smart card and is no longer submitted to the server. This not only reduces the server's overhead for storing and maintaining passwords but also prevents attacks by the server against users, which improves security. In the login phase, the timestamp mechanism of the original scheme is replaced by a random-number challenge-response mechanism, which eliminates authentication failures caused by unsynchronized clocks. A security and efficiency analysis of the original scheme, the improved scheme and other similar schemes shows that the improved scheme not only remedies the defects of the original scheme but also has lower time complexity than similar schemes. It is therefore suitable for devices with high security requirements and low processing power.

Key words: smart card; identity authentication; anonymity; impersonation attack; session key