[1]郝伟伟,吕 磊.基于模糊提取技术的多服务器身份验证协议[J].计算机技术与发展,2022,32(05):75-79.[doi:10. 3969 / j. issn. 1673-629X. 2022. 05. 013]
 HAO Wei-wei,LYU Lei.Multi Server Authentication Protocol Based on Fuzzy Extraction Technology[J].,2022,32(05):75-79.[doi:10. 3969 / j. issn. 1673-629X. 2022. 05. 013]
点击复制

基于模糊提取技术的多服务器身份验证协议()
分享到:

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

卷:
32
期数:
2022年05期
页码:
75-79
栏目:
网络与安全
出版日期:
2022-05-10

文章信息/Info

Title:
Multi Server Authentication Protocol Based on Fuzzy Extraction Technology
文章编号:
1673-629X(2022)05-0075-05
作者:
郝伟伟1 吕 磊2
1. 河南省市场监督管理局 信息中心,河南 郑州 450008;
2. 河南工业大学 信息科学与工程学院,河南 郑州 450008
Author(s):
HAO Wei-wei1 LYU Lei2
1. Information Center,Administration for Market Regulation of Henan Province,Zhengzhou 450008,China;
2. School of Information Science and Technology,Henan University of Technology,Zhengzhou 450008,China
关键词:
多服务器模糊提取身份验证逆向遍历组合运算智能卡
Keywords:
multi serverfuzzy extractionidentity authenticationreverse traversal combinatorial operationsmart card
分类号:
TP393. 08
DOI:
10. 3969 / j. issn. 1673-629X. 2022. 05. 013
摘要:
针对屈娟等人采用模糊提取技术、切比雪夫混沌映射算法给出一个身份认证协议进行全面的安全性分析,指出该身份认证协议存在安全隐患或有待商榷的地方等问题,并在此协议基础之上提出一个改进的基于模糊提取技术的多服务器环境下的身份验证协议。 文中协议针对安全等级要求不同的隐私信息采用不同的算法进行加密,安全等级要求较高的数据采用模糊提取技术进行加密,其他数据采用逆向遍历组合运算进行加密;模糊提取技术算法属于轻量级的加密算法,逆向遍历组合运算属于超轻量级的加密算法,两种算法组合使用,在确保安全的前提下,亦可减少通信实体的整体计算量。 逆向遍历组合运算是一种文中自主设计的超轻量级运算,算法可基于按位运算,同时混入每个加密参量自身固有的属性汉明权重,在减少参数引入的同时,亦可增加攻击者的破解难度。 从安全、性能角度综合分析各协议,文中协议可在确保安全的前提下,尽可能降低整体计算量,适用于低成本智能卡中。
Abstract:
Aiming at the problem that Qu Juan et al. points out that the identity authentication protocol has security risks or problems to be discussed using fuzzy extraction technology and Chebyshev chaotic mapping algorithm to give a comprehensive security analysis of an identity authentication protocol,we propose an improved identity authentication protocol based on fuzzy extraction technology in multi-server environment. In this paper, different algorithms are used to encrypt the privacy information with different security level requirements,the data with higher security level requirements are encrypted by fuzzy extraction technology, and the other data are encrypted by reverse traversal combination operation. Fuzzy extraction algorithm belongs to lightweight encryption algorithm,and reverse traversal combination algorithm belongs to ultra-lightweight encryption algorithm. The combination of the two algorithms can reduce the overall calculation of communication entities on the premise of ensuring security. Reverse traversal combination operation is a kind of ultra-lightweight operation designed by ourselves in this paper. The algorithm can be based on bit wise operation. At the same time,it can mix in the Hamming weight of each encryption parameter’s own inherent attribute,which can reduce the introduction of parameters and increase the attacker爷 s cracking difficulty. From the perspective of security and performance,the protocol can reduce the total amount of computation as much as possible on the premise of ensuring security, which is suitable for low-cost smart card.

相似文献/References:

[1]曹阳.多服务器环境下动态身份认证密钥协商方案[J].计算机技术与发展,2018,28(05):131.[doi:10.3969/ j. issn.1673-629X.2018.05.030]
 CAO Yang.Dynamic Identity Authentication Key Agreement Scheme under a Multi-server Environment[J].,2018,28(05):131.[doi:10.3969/ j. issn.1673-629X.2018.05.030]

更新日期/Last Update: 2022-05-10