Journal: Information Security Technical Report

Design of a secure smart card-based multi-server authentication scheme


Abstract

Traditional two-party client-server authentication protocols may not provide a scalable solution for present network environments that involve personal and ubiquitous computing technologies, as these environments are now becoming multi-server based. To achieve efficient authorized communication, multi-server based authentication protocols have been designed. The key feature of multi-server based protocols is one-time registration. We study the existing multi-server based authentication protocols and identify that many of them either involve the control server in mutual authentication or require a trusted server environment. The involvement of a central authority in mutual authentication may be a bottleneck for large networks, and the servers may be semi-trusted. To remove these drawbacks, Wei et al. recently proposed a multi-server based authentication protocol. Their protocol requires neither that all servers be trusted nor that the control server be involved in mutual authentication. Unfortunately, we identify that Wei et al.'s scheme is vulnerable to insider attack and password guessing attack. Additionally, the lack of pre-smart card authentication leads to denial of service attack. To enhance the security of Wei et al.'s protocol, we propose a secure biometric-based authentication scheme for multi-server environments using a smart card. We simulate the proposed protocol for formal security verification using the widely accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool to show that our scheme is secure against active and passive attacks. In addition, we prove that our proposed scheme provides mutual authentication using the widely accepted Burrows-Abadi-Needham (BAN) logic and is also secure against various well-known attacks. Furthermore, our scheme is efficient in terms of computational and communication overheads as compared to Wei et al.'s scheme and other existing related schemes.