本文针对基于动态身份远程用户认证,可有效防止用户关键信息泄露,保证已认证用户通过授权获取网络服务。针对Wen-Li提出的基于动态身份远程用户认证与密钥协商方案进行安全性分析,指出该方案存在安全缺陷,可能导致泄露用户部分关键信息,进而遭受网络攻击。在保留Wen-Li方案优点基础上提出一种改进的远程用户认证方案,重新设计了认证过程中的会话密钥和密钥确认消息,与Wen-Li方案相比,改进方案能够抵御中间人攻击以及盗窃智能卡攻击,并增强了方案的前向安全性。%This paper, based on the remote dynamic identification, designs a scheme that can effectively pre-vent user key information leakage, and ensure the authenticated user's access to network services. After a security analysis on the Wen-Li proposed scheme and the key agreement scheme, the paper points out its flaws which may lead to the disclosure of user key information, and then the attacks. On the basis of its advantages, the paper pro-poses a remote user authentication scheme with the redesign of the session key and key authentication process con-firmation. When compared with Wen-Li scheme, the improved scheme can resist the man in the middle attack and the stolen smart card attack, and its security is enhanced.
展开▼
