基于生物特征和混沌映射的多服务器身份认证方案

doi:10.11959/j.issn.1000-0801.2017045

摘要/Abstract

摘要：

基于密码的用户远程认证系统已被广泛应用，近年来的研究发现，单一口令系统容易遭受字典分析、暴力破解等攻击，安全性不高。生物特征与密码相结合的认证方式逐渐加入远程认证系统中，以提高认证系统的安全水平。但现有认证系统通常工作在单一服务器环境中，扩展到多服务器环境中时会遇到生物特征模板和密码容易被单点突破、交叉破解的问题。为了克服以上问题，提出了一种基于生物特征和混沌映射的多服务器密钥认证方案，该方案基于智能卡、密码和生物特征，可明显提高多服务器身份认证系统的安全性及抗密码猜解的能力。

关键词: 远程认证, 生物特征, 多服务器

Abstract:

Password-based user remote authentication system has been widely used in recent years,the study found that a single password system is so vulnerable to dictionary analysis and brute force attack as well as other attacks that the security is not high.Biometric and password combination authentication method gradually added to the remote authentication system in order to improve the security level of authentication system.However,the existing authentication systems work in a single server environment,if extended to a multi-server environment,biometric templates and passwords will encounter single point breakthrough and cross-crack problem.In order to overcome the above problems,a multi-server key authentication scheme based on biometric and chaotic map was proposed.The scheme was based on smart cards,passwords and biometrics,which could significantly improve the security and the ability of anti-password guessing of multi-server authentication systems.

Key words: remote authentication, biometrics, multi-server

中图分类号:

TP393

章坚武,姚泽瑾,吴震东. 基于生物特征和混沌映射的多服务器身份认证方案[J]. 电信科学, 2017, 33(2): 22-31.

Jianwu ZHANG,Zejin YAO,Zhendong WU. Multi-server identity authentication scheme based on biometric and chaotic maps[J]. Telecommunications Science, 2017, 33(2): 22-31.

图/表 15

图1

图2

图3

图4

图5

图6

图7

图8

表1

图9

图10

图11

表2

图12

表3

参考文献 22

[1]	J UANG W S , CHEN S T , LIAW H T . Robust and efficient password-authenticated key agreement using smart cards[J]. IEEE Transactions on Industrial Electronics, 2008,55(6):2551-2556.
[2]	SUN D Z , HUAI J P , SUN J Z , et al. Improvements of Juang's password-authenticated key agreement scheme using smart cards[J]. IEEE Transactions on Industrial Electronics, 2009,56(6):2284-2291.
[3]	FAN C I , LIN Y H . Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics[J]. IEEE Transactions on Information Forensics and Security, 2009,4(4):933-945.
[4]	HE D , KUMAR N , LEE J H . Enhanced three-factor security protocol for USB consumer storage devices[J]. IEEE Transactions on Consumer Electronics, 2014,60(1):30-37.
[5]	KUMARI S , KHAN M K , LI X . An improved remote user authentication scheme with key agreement[J]. Computers＆Electrical Engineering, 2014,40(6):1997-2012.
[6]	LEE N Y , CHIU Y C . Improved remote authentication scheme with smart card[J]. Computers Standards ＆ Interfaces, 2005,27(2):177-180.
[7]	KUMARI S , KHAN M K . Cryptanalysis and improvement of ‘A robust smart-card-based remote user password authentication scheme'[J]. International Journal of Communications Systems, 2014,27(12):3939-3955.
[8]	CHANG C C , LE H D , CHANG C H . Novel untraceable authenticated key agreement protocol suitable for mobile communication[J]. Wireless Personal Communications, 2013,71(1):425-437.
[9]	KUMARI S , KHAN M K . Security and Communication Network[J]. Security and Communication Network, 2014,7(11):2039-2053.
[10]	LI X , NIU J , MA J , et al. Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards[J]. Journal of Network＆Computer Applications, 2011,34(1):73-79.
[11]	KUMARI S , CHAUDHRU S A , WU F , et al. An improved smart card based authentication scheme for session initiation protocol[J]. Peer-to-Peer Networking Applications, 2015:1-14.
[12]	WU F , XU L , KUMARI S , et al. A novel and provably secure biometrics-based three-factor remote authentication scheme for mobile client-server networks[J]. Computers＆ Electrical Engineering, 2015,45:274-285.
[13]	YOON E , YOO K . Robust biometrics-based multi-server authentication with key agreement scheme for smart cards on elliptic curve cryptosystem[J]. The Journal of Supercomputer, 2013,63(1):235-255.
[14]	HE D , WANG D . Robust biometrics-based authentication scheme for multiserver environment[J]. IEEE Syst J, 2015,9(3):816-823.
[15]	ODELU V , DAS A K , GOSWAMI A . A secure biometrics-based multi-server authentication protocol using smart cards[J]. IEEE Trans Inf Forensics Secur, 2015,10(9):1953-1966.
[16]	MISHRA D , DAS A K , MUKHOPADHYAY S . A secure user anonymity-preserving biometric-based multi-server authenticated key agreement scheme using smart cards[J]. Expert Systems with Applications, 2014,41(18):8129-8143.
[17]	L IN H , WEN F , DU C . An improved anonymous multi-server authenticated key agreement scheme using smart cards and biometrics[J]. Wireless Personal Communications, 2015,84(4):2351-2362.
[18]	LU Y , LI L , PENG H , et al. A biometrics and smart cardsbased authentication scheme for multi-server environments[J]. Security ＆ Communication Networks, 2015,8(17):3219-3228.
[19]	SHEN H , GAO C Z , HE D D , et al. New biometrics-based authentication scheme for multi-server environment in critical systems[J]. Journal of Ambient Intelligence and Humanized Computing, 2015,6(6):825-834.
[20]	范九伦，张雪峰 . 分段Logistic 混沌映射及其性能分析[J]. 电子学报， 2009,37(4):720-725.
	FAN J L , ZHANG X F . Piecewise logistic chaotic map and its performance analysis[J]. Acta Electronica Sinica, 2009,37(4):720-725.
[21]	TSAI J L . Efficient multi-server authentication scheme based on one-wayhash function without verification table[J]. Computers＆ Security, 2008,27(3-4):115-121.
[22]	CHANG C C , LIN I C . Remarks on fingerprint-based remote user authentication scheme using smart cards[J]. ACM SIGOPS Operating Systems Review, 2004,38(4):91-96.

安全项	本文方案	Chaung^[22]	Tsai^[21]	Mishra^[16]	Shen^[19]	Yoon^[13]
分离保存信息	是	否	否	否	否	否
相互认证	是	是	是	否	是	是
会话密钥协议	是	是	是	是	是	是
抵抗修改攻击	是	是	是	是	是	是
抗离线密码猜测	是	是	是	是	是	是
快速检错	是	否	否	是	是	是
简单密码修改	是	否	否	是	是	是
人脸模板保护	是	-	-	-	-	-
抗内部攻击	是	否	否	是	是	是
支持多服务器	是	是	是	是	是	是

卷积核	识别率
2dpi×2dpi	97.9%
4dpi×4dpi	98.1%
6dpi×6dpi	97.4%

算法	识别率	加入机器指纹
PCA	87%	87.5%
LBP	70%	72.6%
SRC+LDA	85%	86%
CNN	97%	98.1%