通信学报 ›› 2017, Vol. 38 ›› Issue (7): 89-95.doi: 10.11959/j.issn.1000-436x.2017148

• 学术论文 • 上一篇    下一篇

基于生物特征和口令的双因子认证与密钥协商协议

李晓伟1,杨邓奇1,陈本辉1,2,张玉清3   

  1. 1 大理大学数学与计算机学院,云南 大理 671000
    2 北京邮电大学网络与交换技术国家重点实验室,北京 100049
    3 中国科学院大学国家计算机网络入侵防范中心,北京 100049
  • 修回日期:2017-04-18 出版日期:2017-07-01 发布日期:2017-08-25
  • 作者简介:李晓伟(1985-),男,吉林通化人,博士,大理大学讲师,主要研究方向为网络安全协议、云安全。|杨邓奇(1979-),男,白族,云南大理人,博士,大理大学副教授,主要研究方向为机器学习、图像识别。|陈本辉(1978-),男,云南大理人,大理大学教授,主要研究方向为神经网络、进化计算、机器学习。|张玉清(1966-),男,陕西宝鸡人,中国科学院大学教授、博士生导师,主要研究方向为网络与信息系统安全。
  • 基金资助:
    国家自然科学基金资助项目(61462003);国家自然科学基金资助项目(71462001);国家自然科学基金资助项目(61272481);国家自然科学基金资助项目(61572460);国家重点研究与发展基金资助项目(2016YFB0800703);网络与交换技术国家重点实验室开放课题基金资助项目(SLNST-2016-2-25);云南省教育厅基金资助项目(2016ZZX192)

Two-factor authenticated key agreement protocol based on biometric feature and password

Xiao-wei LI1,Deng-qi YANG1,Ben-hui CHEN1,2,Yu-qing ZHANG3   

  1. 1 Department of Mathematics and Computer Science,Dali University,Dali 671000,China
    2 State Key Laboratory of Networking and Switching Technology,Beijing University of Posts and Telecommunications,Beijing 100049,China
    3 National Computer Network Intrusion Protection Center,University of Chinese Academy of Sciences,Beijing 100049,China
  • Revised:2017-04-18 Online:2017-07-01 Published:2017-08-25
  • Supported by:
    The National Natural Science Foundation of China(61462003);The National Natural Science Foundation of China(71462001);The National Natural Science Foundation of China(61272481);The National Natural Science Foundation of China(61572460);The National Key Research and Development Project(2016YFB0800703);Open Project Program of State Key Laborary of Networking and Switching Technology(SLNST-2016-2-25);Education Foundation of Yunnan Province(2016ZZX192)

摘要:

提出了一个新型的基于生物特征和口令的双因子认证与密钥协商协议。该双因子协议利用用户的生物特征以及口令信息实现安全通信,用户不需要携带智能卡。利用模糊提取技术,服务器不再保存用户生物信息,避免了服务器被攻陷用户敏感信息丢失的风险。通过服务器的公钥保护用户的认证信息,避免了基于口令的认证协议可能遭受的离线字典攻击。基于椭圆曲线计算性Diffie-Hellman假设,在随机预言模型下证明了协议的安全性。性能分析表明,所提出的协议具有较高的安全属性。

关键词: 认证与密钥协商, 生物认证, 口令, 随机预言模型

Abstract:

A new two-factor authenticated key agreement protocol based on biometric feature and password was proposed.The protocol took advantages of the user’s biological information and password to achieve the secure communication without bringing the smart card.The biometric feature was not stored in the server by using the fuzzy extractor technique,so the sensitive information of the user cannot be leaked when the server was corrupted.The authentication messages of the user were protected by the server’s public key,so the protocol can resist the off-line dictionary attack which often appears in the authentication protocols based on password.The security of the proposed protocol was given in the random oracle model provided the elliptic computational Diffie-Hellman assumption holds.The performance analysis shows the proposed protocol has better security.

Key words: authenticated key agreement protocol, biometric authentication, password, random oracle model

中图分类号: 

No Suggested Reading articles found!