首页 | 本学科首页   官方微博 | 高级检索  
     

可证明安全的基于RSA的远程用户口令认证协议
引用本文:汪定,王平,李增鹏,马春光. 可证明安全的基于RSA的远程用户口令认证协议[J]. 系统工程理论与实践, 2015, 35(1): 191-204. DOI: 10.12011/1000-6788(2015)1-191
作者姓名:汪定  王平  李增鹏  马春光
作者单位:1. 北京大学 信息科学技术学院, 北京 100871;2. 哈尔滨工程大学 计算机科学与技术学院, 哈尔滨 150001;3. 软件工程国家工程研究中心(北京大学), 北京 100871
基金项目:国家自然科学基金(61472016, 61170241);黑龙江省自然科学基金(F201229);哈尔滨市科技创新人才专项资金(2012 RFXXG086)
摘    要:身份认证是确保信息系统安全的基本手段,基于RSA的认证协议由于实用性较强而成为近期研究热点.讨论了Xie等提出的一个基于RSA的双因子远程用户认证协议,指出该协议不能抵抗重放攻击和密钥泄露仿冒攻击,无法实现所声称的安全性,并且存在用户隐私泄露和可修复性差问题,不适于实际应用.给出一个改进方案,在随机预言机模型下,基于RSA假设证明了改进方案的安全性.与现有的基于RSA的同类协议相比,改进协议在保持较高效率的同时,首次实现了可证明安全性,适用于安全需求较高的移动应用环境.

关 键 词:认证协议  RSA  随机预言机模型  重放攻击  智能卡  
收稿时间:2013-06-24

Provably secure RSA-based remote user authentication protocol using passwords
WANG Ding,WANG Ping,LI Zeng-peng,MA Chun-guang. Provably secure RSA-based remote user authentication protocol using passwords[J]. Systems Engineering —Theory & Practice, 2015, 35(1): 191-204. DOI: 10.12011/1000-6788(2015)1-191
Authors:WANG Ding  WANG Ping  LI Zeng-peng  MA Chun-guang
Affiliation:1. School of Electronics Engineering and Computer Science, Peking University, Beijing 100871, China;2. School of Computer Science and Technology, Harbin Engineering University, Harbin 150001, China;3. National Engineering Research Center for Software Engineering (Peking University), Beijing 100871, China
Abstract:With identity authentication becoming an essential mechanism to ensure robust system security in information systems, RSA-based authentication protocols have been studied intensively for their great practicality. This paper points out that a recent RSA-based remote user two-factor authentication protocol proposed by Xie et al. cannot achieve the claimed security and reports its following flaws: (1) It is vulnerable to replay attack and key compromise impersonation attack; (2) It suffers from the problem of user privacy violation and poor repairability. As our main contribution, an improved scheme is put forward and formally proved secure under the RSA assumption in the random oracle model. As compared with other related schemes, our scheme is the first one that can achieve provable security while keeping the merit of high performance. Consequently, our scheme is more well-suited for mobile application scenarios where resource is severely constrained and security is particularly concerned.
Keywords:authentication protocol  RSA  random oracle model  replay attack  smart card
本文献已被 CNKI 等数据库收录!
点击此处可从《系统工程理论与实践》浏览原始摘要信息
点击此处可从《系统工程理论与实践》下载全文
设为首页 | 免责声明 | 关于勤云 | 加入收藏

Copyright©北京勤云科技发展有限公司  京ICP备09084417号