密码学报2018,Vol.5Issue(2):111-125,15.DOI:10.13868/j.cnki.jcr.000224
适用于移动客户端——多服务器环境的用户认证与密钥协商协议
User Authentication and Key Agreement Protocol for Mobile Client-multi-server Environment
摘要
Abstract
With the rapid development of E-commerce, network service providers usually provide users with a wide range of services running on different servers. Thus, multi-server model has been widely used. Meanwhile, more and more people access network services more quickly through the mobile phones or other mobile devices, this is the current mobile client-multi-server model which has been very popular. On one hand, mobile devices bring convenience to our lives. On the other hand, the openness of mobile Internet makes its security issues more serious. It is necessary to design a user authentication and key agreement protocol for the mobile client-multi-server model. However, compared with personal computers, mobile devices have resource-constrained features. So how to design a protocol that combines security and efficiency is not an easy task. In order to solve this problem, this study proposes a user authentication and key agreement protocol under the mobile client-multi-server model. Certificateless public key cryptography can solve the problem of certificate management in traditional public key systems and the inherent key escrow problem in identity-based public key cryptography, it has the advantages of both high efficiency and security. In addition, the mobile devices have the characteristics of resource constraints, so the certificateless public key cryptography is very suitable for designing a security protocol for mobile devices which have limited resources. In this paper, it is proved that the proposed protocol can provide mutual authentication and secure key agreement services in the random oracle model. Compared with other protocols of the same type,the proposed protocol in this paper has a better computational efficiency.关键词
移动设备/无证书/随机预言模型/用户认证/密钥协商Key words
mobile device/certificateless/random oracle model/user authentication/key agreement分类
信息技术与安全科学引用本文复制引用
刘波,周雨阳,胡飞,李发根..适用于移动客户端——多服务器环境的用户认证与密钥协商协议[J].密码学报,2018,5(2):111-125,15.基金项目
国家自然科学基金项目(61272525) (61272525)
中央高校基本科研业务费项目(ZYGX2016J081)National Natural Science Foundation of China(61272525) (ZYGX2016J081)
the Fundamental Research Funds for the Central Universities(ZYGX2016J081) (ZYGX2016J081)
