计算机应用研究2017,Vol.34Issue(10):3061-3067,7.DOI:10.3969/j.issn.1001-3695.2017.10.041
基于椭圆曲线密码的多服务器环境下三因子认证协议
Three-factor authentication scheme for multi-server environments based on elliptic curve cryptography
夏鹏真 1陈建华1
作者信息
- 1. 武汉大学数学与统计学院,武汉430072
- 折叠
摘要
Abstract
With the increasing of the multi-server application,researches on three-factor authentication scheme which based on password,smart card and biometrics continue ensure the information safety of the communcation parties.Recently,Chaudhry proposed a new three-factor authentication scheme based on elliptic curve cryptosystem.This paper showed that his scheme was vulnerable to not only denial of service attacks,but also user impersonation attack.In addition,users didn't have a unique identifier in his protocol,and they were unable to change the password.To solve these safety deficiencies,this paper proposed an improved scheme,reasonably used the elliptic curve cryptosystem and fuzzy extractor technology to combine three-factor.This paper proves that the proposed scheme is feasible and safe through Burrows-Abadi-Needham (BAN) logic and the analysis of the known attacks.As compared with the previous multi-server authentication schemes,the proposed scheme is more secure and practical.关键词
生物特征/模糊提取器/椭圆曲线密码/多服务器/认证协议Key words
biometrics/fuzzy extractor/elliptic curve cryptosystem/multi-server/authentication scheme分类
信息技术与安全科学引用本文复制引用
夏鹏真,陈建华..基于椭圆曲线密码的多服务器环境下三因子认证协议[J].计算机应用研究,2017,34(10):3061-3067,7.
