首页> 外文期刊>IEICE Transactions on Information and Systems >Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials
【24h】

Privacy-Preserving Authentication of Users with Smart Cards Using One-Time Credentials

机译:使用一次性凭证的智能卡用户的隐私保护身份验证

获取原文
获取原文并翻译 | 示例
       

摘要

User privacy preservation is critical to prevent many sophisticated attacks that are based on the user's server access patterns and ID-related information. We propose a password-based user authentication scheme that provides strong privacy protection using one-time credentials. It eliminates the possibility of tracing a user's authentication history and hides the user's ID and password even from servers. In addition, it is resistant against user impersonation even if both a server's verification database and a user's smart card storage are disclosed. We also provide a revocation scheme for a user to promptly invalidate the user's credentials on a server when the user's smart card is compromised. The schemes use lightweight operations only such as computing hashes and bitwise XORs.
机译:保护用户隐私对于防止基于用户服务器访问模式和ID相关信息的许多复杂攻击至关重要。我们提出了一种基于密码的用户身份验证方案,该方案使用一次性凭据提供了强大的隐私保护。它消除了跟踪用户身份验证历史记录的可能性,甚至从服务器也隐藏了用户的ID和密码。此外,即使公开了服务器的验证数据库和用户的智能卡存储,它也可以防止用户冒充。我们还为用户提供了一种撤消方案,以在用户的​​智能卡遭到破坏时立即使服务器上的用户凭据无效。这些方案仅使用轻量级操作,例如计算哈希和按位XOR。

著录项

相似文献

  • 外文文献
  • 中文文献
  • 专利
获取原文

客服邮箱:kefu@zhangqiaokeyan.com

京公网安备:11010802029741号 ICP备案号:京ICP备15016152号-6 六维联合信息科技 (北京) 有限公司©版权所有
  • 客服微信

  • 服务号