多因素身份认证协议及基于智能卡的实现研究
|
摘要
作为个人身份证书安全有效的载体,智能卡,如金融IC卡、电信SIM卡、信用卡、电子政务和电子医保卡等,已经在全球范围内被普遍接受,正广泛应用于信息安全各个领域。随着计算机网络技术的发展,人们在非安全网络环境中通信,更易于造成信息泄漏及遭受各种通信上的攻击。身份认证作为整个信息安全体系的基础,越来越引起人们的高度重视。基于智能卡、口令和生物特征组合的多因素身份认证技术成为当前研究的热点。特别是以WiFi、3G/4G等代表的无线通信网络技术的发展,更需要高安全性、轻量级身份认证协议和更加适合协议的智能卡芯片技术支持。本文对关于智能卡在身份认证协议中的信息安全问题进行了广泛的调研;在此基础上,从设计三因素身份认证协议来增强身份认证抗攻击能力及其智能卡硬件进行了系统研究。取得的主要研究成果如下:
1.针对前期的同类基于智能卡与口令的双因素身份认证协议中部分不足,提出了两点改进:即通过在注册阶段采用加密用户信息关键值的方法增强了抵抗离线密码猜测攻击能力;在登录阶段增强用户身份信息保密性的方法来增强抵抗用户匿名性攻击和用户模仿攻击的能力;并基于BAN逻辑对协议安全性进行了形式化证明;本协议既减轻通信量和计算量又达到更高的安全性,可适用于在线金融交易、无记名投票等应用场景中需要隐私保护的系统;
2.提出了一种基于生物特征隐藏的智能卡和口令三因素注册登录方法,即对用户生物特征信息采取隐藏的方法以防止隐私泄露及增强抵抗明文攻击能力;采取特征点阈值比对解决了实际应用中因生物信息扰动带来的哈希散列值不匹配性;提出了一种注册中心不参与登录验证的三因素身份认证协议,通过对用户ID和密码的本地验证来抵抗DoS攻击;并基于BAN逻辑对协议安全性进行了形式化证明;可适用于企业局域网等注册中心与服务器相互信任的系统;
3.提出了一种注册中心参与登录验证的三因素身份认证协议。服务器具有唯一的私有密钥,可有效抵抗服务器模仿服务器攻击。同时验证表不在服务器本地保存,增强了抵抗验证表被盗攻击、模仿用户攻击、窃听攻击以及密码猜测攻击等能力;通过用户、服务器和注册中心三方之间的相互验证,实现了可防止用户匿名攻击等多个安全目标;并基于BAN逻辑对协议安全性进行了形式化证明;可适用于金融支付等对安全要求高的系统;
4.智能卡运算能力与存储空间均比较有限,与服务器相比其安全防护等级低,容易成为攻击对象,基于本文所提出的注册中心参与的三因素身份认证协议的硬件实现所需的速度、存储量等性能要求,提出了一款以开源32位RISC处理器为核心的芯片(原型)优化设计方案:采用开源32位RISC处理器OR1200,并裁剪了OR1200中本协议所不需要的MMU等单元;提出了一种基于哈希的随机数生成方法,并对哈希嵌套运算单元结构进行了改进,提高了读取效率。将身份认证协议程序写入ROM模块中,占用24976Byte存储量;
5.针对所提出的注册中心参与的三因素身份认证协议和硬件设计方案,搭建了FPGA测试平台,对硬件方案进行了测试:测试结果表明所设计的SHA-3硬件加速模块计算速度是纯软件计算的2059倍;采用硬件加速模块后,相比于软件实现的系统,整体运行速度可提高23倍;模拟了本文提出的三因素身份认证协议所列出的攻击手段,在多服务器环境下进行了测试,其结果验证了该协议的高安全性和可实现性。
As a safe and effective carrier of personal identity certificate, the smart card has been generally accepted worldwide, and it is widely used in various information security fields such as telecom SIM cards, financial IC cards, credit cards, e-government and e-health insurance cards. With the development of computer network technology, people communicate in a non-secure network environment, which is more liable to cause information leakage and subjected to all kinds of attacks on communications. As a foundation of the whole information security system, identity authentication has drawn increasing attention. Nowadays, based on smart cards, passwords and biometrics, multiple-factor identity authentication technology is becoming a research hotspot. In particular, with the development of WiFi and3G/4Q the representatives of wireless communication networks technology, there is a need to high security, lightweight authentication protocols and smart card chip technology applied in them. The paper conducts extensive research and in-depth research on information security issues of smart cards in identity authentication protocols. On this basis, the paper mainly researches two aspects:proposing three-factor authentication protocols to enhance anti-attack capability of authentication protocols; achieving hardware implementation by using smart card. The main results are as follows:
1. For defects in previous similar two-factor authentication protocols based on smart card and password, the paper proposes two improvements:encrypting critical values of user's information in registration phase to enhance the ability to resist offline password guessing attack; making user's identity information more confidential in login phase to enhance the ability to resist user anonymity attack and masquerade attack as a legitimate user. Its security is proved with formal proof based on BAN logic. The protocol not only reduces the amount of communication and computation, but also achieves more security goals. The protocol is suitable for online financial transactions, secret ballot and other systems requiring privacy protection.
2. A three-factor registration and login method based on hiding biometrics information, smart card and password is proposed. The paper adopts hiding biometric information to prevent privacy from disclosure and plaintext attack. Matching feature points to solve the mismatch of the biometrics caused by hash function in the practical application. The proposed three-factor identity authentication protocol doesn't need involvement of registration center in verification, and it can resist DoS attack by local authentication of user ID and password. Its security is proved with formal proof based on BAN logic. The protocol applies to corporate LAN and other systems of mutual trust between the registration center and the server.
3. A three-factor identity authentication protocol with involvement of registration center in verification is presented. The server has a unique private key, which can effectively resist impersonation attack as a legitimate server. There is no verifier-table in server, which enhances the capability to resist stolen verifier-attack, masquerade attack as a legitimate user, eavesdropping attack and password guessing attack and so on. The proposed protocol also can achieve user's anonymity and many other security goals through mutual authentication among user, server and registration center. Its security is proved with formal proof based on BAN logic. The protocol can be applied to systems with high security requirements, such as financial system and so on.
4. As the applicant of service and resources, smart card is limited to computing power and storage space. And it is easy to become the target of attack because of the low-level security. This paper designs a chip optimization program based on open-source32-bit RISC processor, in order to meet the demand of speed, storage capacity and other performance requirements in the proposed three-factor authentication protocol with the involvement of registration center. This paper crops OR1200by removing mmu which aren't necessary when computing in our protocol. In addition, we propose a hash-based random number generation method, and improve the nested unit structure of hash operation to enhance the reading efficiency. Program of implementing protocol written to ROM takes24976Byte.
5. For the proposed three-factor authentication protocol with involvement of registration center and its hardware design, the paper has simulated authentication protocols in multi-server environment and built FPGA test platform. Firstly, the paper has verified the security and the operability of the protocol, and then tested the designed hardware solution. Speed of hash computation by hardware is2059times of that by software, and system speed boosts23times when hardware acceleration module is added. The results show that test platform verified the safety and the operability of the protocol.
1.针对前期的同类基于智能卡与口令的双因素身份认证协议中部分不足,提出了两点改进:即通过在注册阶段采用加密用户信息关键值的方法增强了抵抗离线密码猜测攻击能力;在登录阶段增强用户身份信息保密性的方法来增强抵抗用户匿名性攻击和用户模仿攻击的能力;并基于BAN逻辑对协议安全性进行了形式化证明;本协议既减轻通信量和计算量又达到更高的安全性,可适用于在线金融交易、无记名投票等应用场景中需要隐私保护的系统;
2.提出了一种基于生物特征隐藏的智能卡和口令三因素注册登录方法,即对用户生物特征信息采取隐藏的方法以防止隐私泄露及增强抵抗明文攻击能力;采取特征点阈值比对解决了实际应用中因生物信息扰动带来的哈希散列值不匹配性;提出了一种注册中心不参与登录验证的三因素身份认证协议,通过对用户ID和密码的本地验证来抵抗DoS攻击;并基于BAN逻辑对协议安全性进行了形式化证明;可适用于企业局域网等注册中心与服务器相互信任的系统;
3.提出了一种注册中心参与登录验证的三因素身份认证协议。服务器具有唯一的私有密钥,可有效抵抗服务器模仿服务器攻击。同时验证表不在服务器本地保存,增强了抵抗验证表被盗攻击、模仿用户攻击、窃听攻击以及密码猜测攻击等能力;通过用户、服务器和注册中心三方之间的相互验证,实现了可防止用户匿名攻击等多个安全目标;并基于BAN逻辑对协议安全性进行了形式化证明;可适用于金融支付等对安全要求高的系统;
4.智能卡运算能力与存储空间均比较有限,与服务器相比其安全防护等级低,容易成为攻击对象,基于本文所提出的注册中心参与的三因素身份认证协议的硬件实现所需的速度、存储量等性能要求,提出了一款以开源32位RISC处理器为核心的芯片(原型)优化设计方案:采用开源32位RISC处理器OR1200,并裁剪了OR1200中本协议所不需要的MMU等单元;提出了一种基于哈希的随机数生成方法,并对哈希嵌套运算单元结构进行了改进,提高了读取效率。将身份认证协议程序写入ROM模块中,占用24976Byte存储量;
5.针对所提出的注册中心参与的三因素身份认证协议和硬件设计方案,搭建了FPGA测试平台,对硬件方案进行了测试:测试结果表明所设计的SHA-3硬件加速模块计算速度是纯软件计算的2059倍;采用硬件加速模块后,相比于软件实现的系统,整体运行速度可提高23倍;模拟了本文提出的三因素身份认证协议所列出的攻击手段,在多服务器环境下进行了测试,其结果验证了该协议的高安全性和可实现性。
As a safe and effective carrier of personal identity certificate, the smart card has been generally accepted worldwide, and it is widely used in various information security fields such as telecom SIM cards, financial IC cards, credit cards, e-government and e-health insurance cards. With the development of computer network technology, people communicate in a non-secure network environment, which is more liable to cause information leakage and subjected to all kinds of attacks on communications. As a foundation of the whole information security system, identity authentication has drawn increasing attention. Nowadays, based on smart cards, passwords and biometrics, multiple-factor identity authentication technology is becoming a research hotspot. In particular, with the development of WiFi and3G/4Q the representatives of wireless communication networks technology, there is a need to high security, lightweight authentication protocols and smart card chip technology applied in them. The paper conducts extensive research and in-depth research on information security issues of smart cards in identity authentication protocols. On this basis, the paper mainly researches two aspects:proposing three-factor authentication protocols to enhance anti-attack capability of authentication protocols; achieving hardware implementation by using smart card. The main results are as follows:
1. For defects in previous similar two-factor authentication protocols based on smart card and password, the paper proposes two improvements:encrypting critical values of user's information in registration phase to enhance the ability to resist offline password guessing attack; making user's identity information more confidential in login phase to enhance the ability to resist user anonymity attack and masquerade attack as a legitimate user. Its security is proved with formal proof based on BAN logic. The protocol not only reduces the amount of communication and computation, but also achieves more security goals. The protocol is suitable for online financial transactions, secret ballot and other systems requiring privacy protection.
2. A three-factor registration and login method based on hiding biometrics information, smart card and password is proposed. The paper adopts hiding biometric information to prevent privacy from disclosure and plaintext attack. Matching feature points to solve the mismatch of the biometrics caused by hash function in the practical application. The proposed three-factor identity authentication protocol doesn't need involvement of registration center in verification, and it can resist DoS attack by local authentication of user ID and password. Its security is proved with formal proof based on BAN logic. The protocol applies to corporate LAN and other systems of mutual trust between the registration center and the server.
3. A three-factor identity authentication protocol with involvement of registration center in verification is presented. The server has a unique private key, which can effectively resist impersonation attack as a legitimate server. There is no verifier-table in server, which enhances the capability to resist stolen verifier-attack, masquerade attack as a legitimate user, eavesdropping attack and password guessing attack and so on. The proposed protocol also can achieve user's anonymity and many other security goals through mutual authentication among user, server and registration center. Its security is proved with formal proof based on BAN logic. The protocol can be applied to systems with high security requirements, such as financial system and so on.
4. As the applicant of service and resources, smart card is limited to computing power and storage space. And it is easy to become the target of attack because of the low-level security. This paper designs a chip optimization program based on open-source32-bit RISC processor, in order to meet the demand of speed, storage capacity and other performance requirements in the proposed three-factor authentication protocol with the involvement of registration center. This paper crops OR1200by removing mmu which aren't necessary when computing in our protocol. In addition, we propose a hash-based random number generation method, and improve the nested unit structure of hash operation to enhance the reading efficiency. Program of implementing protocol written to ROM takes24976Byte.
5. For the proposed three-factor authentication protocol with involvement of registration center and its hardware design, the paper has simulated authentication protocols in multi-server environment and built FPGA test platform. Firstly, the paper has verified the security and the operability of the protocol, and then tested the designed hardware solution. Speed of hash computation by hardware is2059times of that by software, and system speed boosts23times when hardware acceleration module is added. The results show that test platform verified the safety and the operability of the protocol.
引文
[1]Min-Shiang Hwang and L.H.Li. A new remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, vol.46, no.1, pp. 28-30,2000.
[2]韩涛.基于智能卡与生物特征的身份认证协议的研究[D].湖北:湖北工业大学.pp.2-3,2011.
[3]2010 Internet Crime Complaint Center Annual Report [EB/OL]. http://www. ic3.gov/media/annualreport/2010 IC3Report.pdf.
[4]顾洁.面向无线社区的身份认证及密钥管理技术研究[D].上海:上海交通大学.pp.2-29,2012.
[5]National Information Assurance Glossary [EB/OL]. http://www.cnss.gov/assets/ pdf/cnssi 4009.pdf,2010.
[6]L. Lamprot. Password authentication with insecure communication [C]. Communications of the ACM, vol.24, no.11, pp.770-772,1981.
[7]C. C. Chang and T. C. Wu. Remote password authentication with smart cards [A]. In IEE Proceedings-E[C], vol.138, no.3, pp.165-168,1991.
[8]凌捷.非接触式指纹智能卡的关键技术研究[J].计算机工程与应用.pp.5-7,2001.
[9]马慧芳.基于生物特征的智能卡远程身份认证协议的研究[D].四川:电子科技大学.pp.2-3,2010.
[10]吕书波,葛洪芳.基于HTTP协议的安全代理研究[J].河南机电高等专科学校学报.vol.6,pp.23-27,2010.
[11]曹玫.基于智能卡身份认证的发展趋势及应用前景[J].金卡工程.vol.3,pp.32-35,2005.
[12]许珊琳.智能卡芯片的发展及其所形成的设计方法[J].中国集成电路.vol.87,pp.10-14,2006.
[13]赵坤.智能卡抗干扰测试系统的研究[D],北京:北京邮电大学.pp.5-7,2009.
[14]Samsung [DB/OL]. http://www.samsung.com/cn/#latest-home
[15]SHHIC [DB/OL]. http://www.shhic.com/index.aspx
[16]Huahong Grace [DB/OL]. http://www.hhnec.com/CN/HHNEC.aspx
[17]FMSH [DB/OL]. http://www.fmsh.com/index.aspx
[18]Wireless LANs:risks and defenses. White Paper [DB/OL]. http://wireless. ittoolbox.com/pub/AM082802.pdf,2002.
[19]Karygiannis T, Owens L. Wireless network security:802.11, bluetoothand handheld devices [DB/OL]. NIST Special Publication 800-48, http://csrc.nist. gov/publications/nistpubs/800-48/NIST SP 800-48.pdf,2002.
[20]Prashnt K, Kabara J and Anusas T. Security in wireless residential networks [J]. IEEE Transactions on Consumer Electronics, vol.48, no.1, pp.157-166,2002.
[21]Park J S, Dicoi D. WLAN security:current and future [J]. IEEE Internet Computing, vol.8, no.2, pp.76-83,2004.
[22]Borisov N, Goldberg I and Wagner D. Intercepting mobile communications:the insecurity of 802.11 [C]. In Proceedings of the 7th International Conference on Mobile Computing and Networking, pp.16-21,2001.
[23]Arbaugh W A, Shankar N and Wang J. Your 802.11 network has no clothes [C]. In the first IEEE International Conference on Wireless LANs and Home Networks, pp.131-144,2001.
[24]Donald C, Welch J, Scott M and Lathrop D. A survey of 802.11a wireless security threats and security mechanisms [R/OL]. Technical Report, ITOCTR-2003-101,2003.
[25]Diffie W and Hellman M. New directions in cryptography [J]. Information Theory, IEEE Transactions on, vol.22, no.6, pp.472-492,1976.
[26]MATSUMOTO T, TAKASHIMA Y, and IMAI H. On seeking smart public-key-distribution systems [J]. Institute of Electronics, Information and Communication Engineers of Japan, pp.99-106,1986.
[27]Law L, Menezes A, Qu M, et al. An Efficient Protocol for Authenticated Key Agreement [J]. Designs, Codes and Cryptography, vol.28, no.2, pp.119-134, 2003.
[28]李文敏.认证密钥协商协议的设计与应用[D].北京:北京邮电大学.pp.2-4,2012.
[29]Schneier B. Applied Glyptography, protocols, algorithms, and source code in C [M]. John Wiley and Sons Inc.,2nd Edition, New York, U.S.A.,1996.
[30]Girault M, Self-certified public keys [C], Advances in Cryptology EUROCRYPT 1991, vol.547, pp.490-497,1991.
[31]Petersen H, Horster P, and Horster D P. Self-certified keys-Concepts and Applications [C]. In Proceedings of In Proc. Communications and Multimedia Security, vol.547, pp.490-497,1997.
[32]Saeednia, S.:Identity-Based and Self-Certified Key Exchange Protocols[C]. ACISP 1997, LNCS, vol.1270, pp.303-317,1997.
[33]Tzong-Chen W, Yuh-Shihng C and Tzouh-Yi L. Improvement of Saeednia's self-certified key exchange protocols [J]. Electronics Letters, vol.34, no.11, pp. 1094-1095,1998.
[34]Xiaowen Chu, Yixin Jiang, and Chuang Lin. Self-Certified Authentication and Key Exchange Protocol for Roaming Services [C]. In Proceedings of the 3rd International Conference on Autonomic and Trusted Computing ATC 06, Lecture Notes in Computer Science (LNCS), vol.4158, pp.408-417,2006.
[35]Y-P. Liao, S-S. Wang, A secure dynamic ID based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol. 31, no.1, pp.24-29,2009.
[36]Fan C-I, Lin Y-H. Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics [J]. Transactions on Information Forensics and Security, vol.4, no.4, pp.933-945,2009.
[37]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smartcards [J]. Journal of Network and Computer Applications. vol.33, no.1, pp.1-5,2010.
[38]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards [J]. Journal of Network and Computer Applications, vol.34, no.1, pp.73-79,2011.
[39]Leslie Lamport. Password Authentication with Insecure Communication [J]. Communications of the ACM. vol.24, no.11, pp.770-772,1981.
[40]G. Hong, Password authentication without using password table [J]. Inform Processing Left. vol.55, pp.247-250,1995.
[41]Neil M. Haller. The S/KEY One-time Password System. In Proceedings of the 1994 Symposium on Network and Distributed Systems Security [J]. pp. 151-157,1994.
[42]Rubin A D. Independent one-time passwords [J]. Computing Systems, vol.9, no. 1,pp.15-27,1996.
[43]Mitchell C J, Chen L. Comments on the S/KEY user authentication scheme [J]. ACM SIGOPS Operating Systems Review, vol.30, no.4, pp.12-16,1996.
[44]Tzu-Chang Y E H, Hsiao-Yun S, Hwang J J. A secure one-time password authentication scheme using smart cards [J].IEICE Transactions on Communications, vol.85, no.11, pp.2515-2518,2002.
[45]Sandirigama M, Shimizu A. Simple and secure password authentication protocol (SAS) [J]. IEICE Transactions on Communications, vol.83, no.6, pp. 1363-1365,2000.
[46]Chun-Li L I N, Hung-Min S U N, Hwang T. Attacks and solutions on strong-password authentication [J]. IEICE transactions on communications, vol. 84, no.9, pp.2622-2627,2001.
[47]Chien-Ming C, Wei-Chi K. Stolen-verifier attack on two new strong-password authentication protocols [J]. IEICE transactions on communications, vol.85, no. 11, pp.2519-2521,2002.
[48]李雄.多种环境下身份认证协议的研究与设计[D].北京:北京邮电大学.pp.4-5,2012.
[49]Chang, C.C., Wu, T.C.:Remote password authentication with smart cards [J]. In IEE Proceedings-Computers and Digital Techniques, vol.138, no.3, pp. 165-168,1991.
[50]W.B. Lee, C.C. Chang, User identification and key distribution maintaining anonymity for distributed computer network [J]. Comput. Syst. Sci. vol.15, no. 4, pp.211-214,2000.
[51]W.J. Tsuar, C.C. Wu, W.B. Lee, A flexible user authentication for multiserver internet services [J]. Networking-JCN2001LNCS. vol.2093, pp.174-183,2001.
[52]L. Li, I. Lin, M. Hwang, A remote password authentication scheme for multi-server architecture using neural networks [J]. IEEE Trans. Neural Netw. vol.12, no.6, pp.1498-1504,2001.
[53]Lin, I., Hwang, M., Li, L. A new remote user authentication scheme for multiserver architecture [J]. Future Generation Computer Systems, vol.19, no. 1, pp.13-22,2003.
[54]Juang W-S. Efficient multi-server password authenticated key agreement using smart cards [J]. IEEE Transaction on Consumer Electronics, vol.50, no.1, pp. 251-255,2004.
[55]Chang C-C, Lee J-S. An efficient and secure multi-server password authentication scheme using smart cards [C]. In Proceedings of the third international conference on cyberworlds. pp.417-422,2004.
[56]Liao, Y., Wang,S.A secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol.31, no. 1, pp.24-29,2009.
[57]Hsiang, H., Shih, W. Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol.31, no.6, pp.1118-1123,2009.
[58]Shao, M., Chin, Y:A novel approach to dynamic id-based remote user authentication scheme for multi-server environment [C]. International Conference on Network and System Security (NSS), pp.548-553,2010.
[59]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security (NSS), vol.7645, pp.462-475,2012.
[60]Lee J K, Ryu S R, Yoo K Y. Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters [J]. vol.38, no.12, pp.554-555, 2002,.
[61]Lin C H, Lai Y Y. A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces [J]. vol.27, no.1, pp.19-23,2004.
[62]Yoon E J, Yoo K Y. A new efficient fingerprint-based remote user authentication scheme for multimedia systems [C]. Knowledge-Based Intelligent Information and Engineering Systems. Springer Berlin Heidelberg, pp.332-338,2005.
[63]Lee Y, Kwon T. An improved fingerprint-based remote user authentication scheme using smart cards [M]. Computational Science and Its Applications-ICCSA 2006. Springer Berlin Heidelberg, pp.915-922,2006.
[64]Khan M K, Zhang J. An efficient and practical fingerprint-based remote user authentication scheme with smart cards [M]. Information Security Practice and Experience. Springer Berlin Heidelberg, pp.260-268,2006.
[65]Xu J, Zhu W T, Feng D G. Improvement of a Fingerprint-Based Remote User Authentication Scheme [C]. Information Security and Assurance,2008. ISA 2008. International Conference on IEEE.pp.87-92,2008.
[66]Yang H K, An Y H. Security. Weaknesses and Improvements of a Fingerprint-based Remote User Authentication Scheme Using Smart Cards [J]. International Journal of Advancements in Computing Technology, vol.4, no.1, pp.15-23,2012.
[67]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.33, no.1, pp.1-5,2010.
[68]Das A K. Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards [J]. Information Security, IET. vol.5, no.3, pp.145-151,2011.
[69]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.34, no.1, pp.73-79,2011.
[70]Jeon S, Kim H S, Kim M S. Enhanced biometrics-based remote user authentication scheme using smart cards [J]. J. of Security Engineering. vol.8, no.2, pp.237-254,2011.
[71]Truong T T, Tran M T, Duong A D. Robust biometrics-based remote user authentication scheme using smart cards [C]. Network-Based Information Systems (NBiS),2012 15th International Conference on. IEEE. pp.384-391, 2012.
[1]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on Information Theory, vol.29, no.2, pp.198-208,1983.
[2]凌捷.非接触式指纹智能卡的关键技术研究[J].计算机工程与应用.vol.14,pp.5-7,2001.
[3]韩涛.基于智能卡与生物特征的身份认证协议的研究[D].湖北:湖北工业大学.pp.2-3,2011.
[4]Xue K, Hong P, Ma C. A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture [J]. arXiv:1204.3831,2012.
[5]Wang, D., Ma, C.G., Gu, D.L., Cui, Z.S.:Cryptanalysis of two dynamic ID-based remote user authentication schemes for multi-server architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security (NSS), LNCS, vol.7645, pp.462-475,2012.
[6]顾洁.面向无线社区的身份认证及密钥管理技术研究[D].上海:上海交通大学.pp.2-29,2012.
[7]潘泽波基于指纹认证的Kerberos认证系统的设计[D]湖南中南大学-pp.2-,2008.
[8]Everitt R A J, McOwan P W. Java-based Internet biometric authentication system [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.25, no.9, pp.1166-1172,2003.
[9]Dass S C, Zhu Y F, Jain A K. Validating a biometric authentication system: sample size requirements [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.28, no.12, pp.1902-1919,2006.
[10]Poh N, Bengio S. How do correlation and variance of base-experts affect fusion in biometric authentication tasks [J]. IEEE Transactions on Signal Processing, vol.53, no. 11, pp.4384-4396,2005.
[11]Mitra S, Savvides M, Brockwell A. Statistical performance evaluation of biometric authentication systems using random effects models [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.29, no.4, pp. 517-530,2007.
[12]Snelick R, Uludag U, Mink A, et al. Large-scale evaluation of multimodal biometric authentication using state-of-the-art systems [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.27, no.3, pp.450-455,2005.
[13]Tao Q, Veldhuis R. Biometric authentication system on mobile personal devices [J]. IEEE Transactions on Instrumentation and Measurement. vol.59, no.4, pp. 763-773,2010.
[14]Pankanti S, Prabhakar S, Jain A K. On the individuality of fingerprints [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.24, no.8, pp. 1010-1025,2002.
[15]Nandakumar K, Jain A K, Pankanti S. Fingerprint-based fuzzy vault: implementation and performance [J]. IEEE Transactions on Information Forensics and Security. vol.2, no.4, pp.744-757,2007.
[16]Jain A K, Hong L, Pankanti S and Bolle R. An identity-authentication system using fingerprints [J]. In Proceedings of the IEEE. vol.85, no.9, pp.1365-1388, 1997.
[17]Nanni L, Brahnam S, Lumini A. Biohashing applied to orientation-based minutia descriptor for secure fingerprint authentication system [J]. Electronics Letters. vol.47, no.15, pp.851-853,2011.
[18]Sanchez-Avila C, Sanchez-Reillo R, de Martin-Roche D. Iris-based biometric recognition using dyadic wavelet transform [J]. IEEE Aerospace and Electronic Systems Magazine. vol.17, no.10, pp.3-6,2002.
[19]Schmid N A, Ketkar M V, Singh H and Cukic B. Performance analysis of iris-based identification system at the matching score level [J]. IEEE Transactions on Information Forensics and Security. vol.1, no.2, pp.154-168, 2006.
[20]Sun Z N, Tan T N. Ordinal measures for iris recognition [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.31, no.12, pp.2211-2226, 2009.
[21]Liu-Jimenez J, Sanchez-Reillo R, Fernandez-Saavedra B. Iris biometrics for embedded systems [J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems. vol.19, no.2, pp.274-282,2011.
[22]Sanchez-Reillo R, Sanchez-Avila C, Gonzalez-Marcos A. Improving access control security using iris identification [C]. In Proceedings of IEEE 34th Annual 2000 International Carnahan Conference on Security Technology. pp. 56-59,2000.
[23]Kounoudes A, Kekatos V, Mavromoustakos S. Voice biometric authentication for enhancing Internet service security [C]. In Proceedings of 2nd Information and Communication Technologies (ICTTA'06). pp.1020-1025,2006.
[24]Kim D S, Hong K S. Multimodal biometric authentication using teeth image and voice in mobile environment [J]. IEEE Transactions on Consumer Electronics.vol.54, no.4, pp.1790-1797,2008.
[25]Chandra E, Sunitha C. A review on speech and speaker authentication system using voice signal feature selection and extraction [J]. In Proceedings of IEEE International Advance Computing Conference (IACC 2009). pp.1341-1346, 2009.
[26]Kim D J, Chung K W, Hong K S. Person authentication using face, teeth and voice modalities for mobile device security [J]. IEEE Transactions on Consumer Electronics. vol.56, no.4, pp.2678-2685,2010.
[27]Foomany F H, Hirschfield A, Ingleby M. Toward a dynamic framework for security evaluation of voice verification systems [C]. In Proceedings of IEEE Toronto International Conference on Science and Technology for Humanity (TIC-STH). pp.22-27,2009.
[28]Porwik P. The compact three stages method of the signature recognition [C]. In Proceedings of 6th International Conference on Computer Information Systems and Industrial Management Applications (CISIM). pp.282-287,2007.
[29]Porwik P, Para T. Some handwritten signature parameters in biometric recognition process [C]. In Proceedings of 29th International Conference on Information Technology Interfaces (ITI 2007). pp.185-190,2007.
[30]Thian S O, Khoh W H, Teoh A. Dynamic handwritten signature verification based on statistical quantization mechanism [C]. In Proceedings of International Conference on Computer Engineering and Technology (IC-CET'09). pp. 312-316,2009.
[31]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems. vol.8, no.1, pp.18-36,1990.
[32]刘政林,董馨,李东方.SHA-2(256,384,512)系列算法的硬件实现[J].微电子学与计算机.vol.29, no.12, pp.51-54,2012.
[33]王正才;许道云;王晓峰;唐郑熠;韦立,BAN逻辑的可靠性分析与改进;[J].计算机工程-vol.38, no.17, pp.110-115,2012.
[34]余荣威;王丽娜;匡波,面向远程证明的安全协议设计方法;[J]通信学报-vol.10, pp.19-24,2008
[35]秦小龙,杨义先,USB密码钥及其在Kerberos系统中的应用.计算机工程与应用-vol.38, no.5, pp.12-14,2002
[1]Jonathan Katz, Rafail Ostrovsky, Moti Yung. Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords [C]. EUROCRYPT, pp. 475-494,2001.
[2]IkSu Park, SeungBae Park, ByeongKyun Oh. User Authentication Protocol Based on Human Memorable Password and Using RSA [C], ICCSA, vol.3043, pp.527-536,2004.
[3]Tsaur W-J, Wu C-C, Lee W-B. A smart card-based remote scheme for password authentication in multi-server Internet services [J]. Computer Standards & Interfaces. vol.27, no.1, pp.39-51,2004.
[4]Tsai J-L. Efficient multi-server authentication scheme based on one-way hash function without verification table [J]. Computers & Security, vol.27, no.3-4, pp.115-121,2008.
[5]李雄.多种环境下身份认证协议的研究与设计[D]北京:北京邮电大学.pp.12-14,2012.
[6]Chang, C.C, Wu, T.C. Remote password authentication with smart cards [J]. IEE Proceedings-Computers and Digital Techniques, vol.138, no.3, pp. 165-168,1991.
[7]C.Berzou and A.Glavieux. Near Shannon Limit Error-Correcting Coding and Decoding:Turbo-codes [C]. IEEE International Cconference Communications. vol.6, no.4, pp.1064-1070,1993.
[8]D. J.C.Mackay and R.M.Neal. Near Shannon Limit Performance of Low Density Parity Check Codes [J]. Electric Letters. vol.32, pp.1645-1646,1996.
[9]Luby M, Mizenmacher M, Shokrollahi M A, et al. Improved Low Density Parity Check Codes using Irregular Graphs and Belief Propagation [C]. International Symposium on Information Theory (ISIT). pp.117,1998.
[10]Ford W, Kaliski B S. Server-assisted generation of a strong secret from a password [C]. In Proceedings of IEEE 9th international workshop enabling technologies. pp.176-180,2000.
[11]L. Li, I. Lin, M. Hwang. A remote password authentication scheme for multi-server architecture using neural networks [J]. IEEE Trans. Neural Netw. vol.12, no.6, pp.1498-1504,2001.
[12]Lin. I, Hwang. M, Li. L. A new remote user authentication scheme for multiserver architecture [J]. Future Generation Computer Systems, vol.19, no.1, pp.13-22,2003.
[13]Chang C-C, Lee J-S. An efficient and secure multi-server password authentication scheme using smart cards [C]. In Proceedings of the third international conference on cyberworlds. pp.417-422,2004.
[14]Liao. Y, Wang. S. A secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no. 1, pp.24-29,2009.
[15]Hsiang. H, Shih. W. Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no.6, pp.1118-1123,2009.
[16]Shao. M, Chin. Y. A novel approach to dynamic id-based remote user authentication scheme for multi-server environment [C]. In:2010 4th International Conference on Network and System Security. pp.548-553,2010.
[17]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In Proceedings of 6th International Conference on Network and System Security (NSS). vol.7645, pp.462-475,2012.
[18]Wu. S.H, Zhu, Y.F, Pu. Q. Robust smart-cards-based user authentication scheme with user anonymity [J]. Security and Communication Networks. vol.5, no.2, pp.236-248,2012.
[19]Wang. Y. Password Protected Smart Card and Memory Stick Authenticationagainst Off-Line Dictionary Attacks [C]. In:Gritzalis, D. Furnell., S., Theoharidou, M.(eds.) SEC 2012. IFIP AICT. vol.376, pp.489-500. Springer, Heidelberg,2012.
[20]Tan. Z. Cryptanalysis of two id based password authentication schemes for multiserver environments [J]. International Journal of Digital Content Technology and its Applications. vol.5, no.1, pp.87-94,2011.
[21]Yeh. K, Lo. N, Li. Y. Cryptanalysis of hsiang-shihs authentication scheme for multi-server architecture [J]. International Journal of Communication Systems. vol.24, no.7, pp.829-836,2011.
[22]Sood. S, Sarje. A, Singh. K. A secure dynamic identity based authentication protocol for multi-server architecture [J]. Journal of Network and Computer Applications. vol.34, no.2, pp.609-618,2011.
[23]Kocher, P., Jaffe, J., Jun, B. Differential Power Analysis [C]. In:Wiener, M. (ed.) CRYPTO 1999. LNCS, Springer, Heidelberg (1999). vol.1666, pp.388-789, 1999.
[24]Messerges, T.S., Dabbish, E.A., Sloan, R.H. Examining smart-card security under the threat of power analysis attacks [J]. IEEE Transactions on Computers. vol.51, no.5, pp.541-552,2002.
[25]Kasper. T, Oswald. D, Paar. C. Side-Channel Analysis of Cryptographic RFIDs with Analog Demodulation [C]. In:Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS. vol.7055, pp.61-77,2012.
[26]Florencio. D, Herley. C. A large-scale study of web password habits [C]. In: WWW'07 Proceedings of the 16th international conference on World Wide Web. pp.657-666,2007.
[27]Klein. D.V. Foiling the cracker:A survey of, and improvements to, password security [C]. In Proceedings of the 2nd USENIX Security Workshop. pp.5-14, 1990.
[28]崔建明,张小军等.一种基于人可记忆密码的多服务器安全认证方法[P]:中国发明专利,201310275399.X.
[1]Lee J-K, Ryu S-R, Yoo K-Y. Fingerprint-based remote user authentication scheme using smart cards [J]. Electronics Letters. vol.38, no.12, pp.554-555, 2002.
[2]Lin C-H, Lai Y-Y. A flexible biometrics remote user authentication scheme [J]. Computer Standards & Interfaces. vol.27, no.1, pp.19-23,2004.
[3]W.C. Ku, S.T. Chang, M.H. Chiang. Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards [J]. IEE Electronics Letters, vol.41, no.5,2005.
[4]Kim H-S, Lee S-W, Yoo K-Y. ID-based password authentication scheme using smart cards and fingerprints [J]. ACM SIGOPS Operating Systems Review. vol. 37, no.4, pp.32-41,2003.
[5]Scott M. Cryptanalysis of an ID-based password authentication scheme using smart cards and fingerprints [J]. ACM SIGOPS Operating Systems Review. vol. 38, no.2, pp.73-75,2004.
[6]Khan M-K, Zhang J-S. Improving the security of'a flexible biometrics remote user authentication scheme" [J]. Computer Standards & Interfaces. vol.29, no.1, pp.82-85,2007.
[7]Fan C-I, Lin Y-H. Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics [J]. Transactions on Information Forensics and Security. vol.4, no.4, pp.933-945,2009.
[8]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smartcards [J]. Journal of Network and Computer Applications. vol,33, no.1, pp.1-5,2010.
[9]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.34, no.1, pp.76-79,2011.
[10]李雄.多种环境下身份认证协议的研究与设计[D],北京:北京邮电大学.pp.61-66,2012.
[11]Hsiang H, Shih W. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no.6, pp.1118-1123,2009.
[12]Sood S K, Sarje A K, Singh K. A secure dynamic identity based authentication protocol for multi-server architecture [J]. Journal of Network and Computer Applications. vol.34, no.2, pp.609-618,2011.
[13]Li X, Xiong Y-P, Ma J, Wang W-D. An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards [J]. Journal of Network and Computer Applications. vol.35,no.2, pp.763-769, 2012.
[14]C Chou J S, Chen Y, Huang C H,-et al. Comments on four multi-server authentication protocols using smart card [J]. IACR Cryptology ePrint Archive. pp.406,2012.
[15]Xue K, Hong P, Ma C. A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture [J]. Journal of Computer and System Sciences. vol.80, no.1, pp.196-205,2014.
[16]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security. LNCS.7645, pp.462-475,2012.
[17]A K. Das. Cryptanalysis and further improvement of a biometricbased remote user authentication scheme using smart cards [J]. International Journal of Network Security & Its Applications. vol.3, no.2. pp.13-28,2011.
[18]崔建明,张小军等.一种基于口令和生物特征的智能卡注册登录方法[P],中国发明专利,201310275194.1.
[19]崔建明,张小军等.一种基于密码、智能卡和生物特征的远程身份认证方法[P]:中国发明专利,201310275214.5.
[1]Wolfgang Effing, Wolfgang Rankl, Kenneth Cox, Smart Card Handbook(4th) [M], John Wiley & Sons Inc. pp.221-250,2010.
[2]Opencores, OpenRISC 1200 IP Core Specification [EB/OL]. http://openrisc.net/ or1200-spec.html.
[3]Shafi Goldwasser, Silvio Micali. Probabilistic Encryption [J]. Journal of Computer and System Sciences, vol.28, no.2, pp.270-299,1984.
[4]冯登国.可证明安全性理论与方法研究[J].软件学报.vol.16, no.10, pp. 1743-1756,2005.
[5]王皓.基于身份密码体制的研究[D].山东大学.pp.17-18,2012.
[6]Terasic, Altera DE2-70 Board [EB/OL], http://www.terasic.com.tw/cgi-bin/ page/archive.pl? No=226.
[7]威尔迪,FD20-T指纹模块[EB/OL], http://www.fplock.cn/mokuai/.
[2]韩涛.基于智能卡与生物特征的身份认证协议的研究[D].湖北:湖北工业大学.pp.2-3,2011.
[3]2010 Internet Crime Complaint Center Annual Report [EB/OL]. http://www. ic3.gov/media/annualreport/2010 IC3Report.pdf.
[4]顾洁.面向无线社区的身份认证及密钥管理技术研究[D].上海:上海交通大学.pp.2-29,2012.
[5]National Information Assurance Glossary [EB/OL]. http://www.cnss.gov/assets/ pdf/cnssi 4009.pdf,2010.
[6]L. Lamprot. Password authentication with insecure communication [C]. Communications of the ACM, vol.24, no.11, pp.770-772,1981.
[7]C. C. Chang and T. C. Wu. Remote password authentication with smart cards [A]. In IEE Proceedings-E[C], vol.138, no.3, pp.165-168,1991.
[8]凌捷.非接触式指纹智能卡的关键技术研究[J].计算机工程与应用.pp.5-7,2001.
[9]马慧芳.基于生物特征的智能卡远程身份认证协议的研究[D].四川:电子科技大学.pp.2-3,2010.
[10]吕书波,葛洪芳.基于HTTP协议的安全代理研究[J].河南机电高等专科学校学报.vol.6,pp.23-27,2010.
[11]曹玫.基于智能卡身份认证的发展趋势及应用前景[J].金卡工程.vol.3,pp.32-35,2005.
[12]许珊琳.智能卡芯片的发展及其所形成的设计方法[J].中国集成电路.vol.87,pp.10-14,2006.
[13]赵坤.智能卡抗干扰测试系统的研究[D],北京:北京邮电大学.pp.5-7,2009.
[14]Samsung [DB/OL]. http://www.samsung.com/cn/#latest-home
[15]SHHIC [DB/OL]. http://www.shhic.com/index.aspx
[16]Huahong Grace [DB/OL]. http://www.hhnec.com/CN/HHNEC.aspx
[17]FMSH [DB/OL]. http://www.fmsh.com/index.aspx
[18]Wireless LANs:risks and defenses. White Paper [DB/OL]. http://wireless. ittoolbox.com/pub/AM082802.pdf,2002.
[19]Karygiannis T, Owens L. Wireless network security:802.11, bluetoothand handheld devices [DB/OL]. NIST Special Publication 800-48, http://csrc.nist. gov/publications/nistpubs/800-48/NIST SP 800-48.pdf,2002.
[20]Prashnt K, Kabara J and Anusas T. Security in wireless residential networks [J]. IEEE Transactions on Consumer Electronics, vol.48, no.1, pp.157-166,2002.
[21]Park J S, Dicoi D. WLAN security:current and future [J]. IEEE Internet Computing, vol.8, no.2, pp.76-83,2004.
[22]Borisov N, Goldberg I and Wagner D. Intercepting mobile communications:the insecurity of 802.11 [C]. In Proceedings of the 7th International Conference on Mobile Computing and Networking, pp.16-21,2001.
[23]Arbaugh W A, Shankar N and Wang J. Your 802.11 network has no clothes [C]. In the first IEEE International Conference on Wireless LANs and Home Networks, pp.131-144,2001.
[24]Donald C, Welch J, Scott M and Lathrop D. A survey of 802.11a wireless security threats and security mechanisms [R/OL]. Technical Report, ITOCTR-2003-101,2003.
[25]Diffie W and Hellman M. New directions in cryptography [J]. Information Theory, IEEE Transactions on, vol.22, no.6, pp.472-492,1976.
[26]MATSUMOTO T, TAKASHIMA Y, and IMAI H. On seeking smart public-key-distribution systems [J]. Institute of Electronics, Information and Communication Engineers of Japan, pp.99-106,1986.
[27]Law L, Menezes A, Qu M, et al. An Efficient Protocol for Authenticated Key Agreement [J]. Designs, Codes and Cryptography, vol.28, no.2, pp.119-134, 2003.
[28]李文敏.认证密钥协商协议的设计与应用[D].北京:北京邮电大学.pp.2-4,2012.
[29]Schneier B. Applied Glyptography, protocols, algorithms, and source code in C [M]. John Wiley and Sons Inc.,2nd Edition, New York, U.S.A.,1996.
[30]Girault M, Self-certified public keys [C], Advances in Cryptology EUROCRYPT 1991, vol.547, pp.490-497,1991.
[31]Petersen H, Horster P, and Horster D P. Self-certified keys-Concepts and Applications [C]. In Proceedings of In Proc. Communications and Multimedia Security, vol.547, pp.490-497,1997.
[32]Saeednia, S.:Identity-Based and Self-Certified Key Exchange Protocols[C]. ACISP 1997, LNCS, vol.1270, pp.303-317,1997.
[33]Tzong-Chen W, Yuh-Shihng C and Tzouh-Yi L. Improvement of Saeednia's self-certified key exchange protocols [J]. Electronics Letters, vol.34, no.11, pp. 1094-1095,1998.
[34]Xiaowen Chu, Yixin Jiang, and Chuang Lin. Self-Certified Authentication and Key Exchange Protocol for Roaming Services [C]. In Proceedings of the 3rd International Conference on Autonomic and Trusted Computing ATC 06, Lecture Notes in Computer Science (LNCS), vol.4158, pp.408-417,2006.
[35]Y-P. Liao, S-S. Wang, A secure dynamic ID based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol. 31, no.1, pp.24-29,2009.
[36]Fan C-I, Lin Y-H. Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics [J]. Transactions on Information Forensics and Security, vol.4, no.4, pp.933-945,2009.
[37]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smartcards [J]. Journal of Network and Computer Applications. vol.33, no.1, pp.1-5,2010.
[38]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards [J]. Journal of Network and Computer Applications, vol.34, no.1, pp.73-79,2011.
[39]Leslie Lamport. Password Authentication with Insecure Communication [J]. Communications of the ACM. vol.24, no.11, pp.770-772,1981.
[40]G. Hong, Password authentication without using password table [J]. Inform Processing Left. vol.55, pp.247-250,1995.
[41]Neil M. Haller. The S/KEY One-time Password System. In Proceedings of the 1994 Symposium on Network and Distributed Systems Security [J]. pp. 151-157,1994.
[42]Rubin A D. Independent one-time passwords [J]. Computing Systems, vol.9, no. 1,pp.15-27,1996.
[43]Mitchell C J, Chen L. Comments on the S/KEY user authentication scheme [J]. ACM SIGOPS Operating Systems Review, vol.30, no.4, pp.12-16,1996.
[44]Tzu-Chang Y E H, Hsiao-Yun S, Hwang J J. A secure one-time password authentication scheme using smart cards [J].IEICE Transactions on Communications, vol.85, no.11, pp.2515-2518,2002.
[45]Sandirigama M, Shimizu A. Simple and secure password authentication protocol (SAS) [J]. IEICE Transactions on Communications, vol.83, no.6, pp. 1363-1365,2000.
[46]Chun-Li L I N, Hung-Min S U N, Hwang T. Attacks and solutions on strong-password authentication [J]. IEICE transactions on communications, vol. 84, no.9, pp.2622-2627,2001.
[47]Chien-Ming C, Wei-Chi K. Stolen-verifier attack on two new strong-password authentication protocols [J]. IEICE transactions on communications, vol.85, no. 11, pp.2519-2521,2002.
[48]李雄.多种环境下身份认证协议的研究与设计[D].北京:北京邮电大学.pp.4-5,2012.
[49]Chang, C.C., Wu, T.C.:Remote password authentication with smart cards [J]. In IEE Proceedings-Computers and Digital Techniques, vol.138, no.3, pp. 165-168,1991.
[50]W.B. Lee, C.C. Chang, User identification and key distribution maintaining anonymity for distributed computer network [J]. Comput. Syst. Sci. vol.15, no. 4, pp.211-214,2000.
[51]W.J. Tsuar, C.C. Wu, W.B. Lee, A flexible user authentication for multiserver internet services [J]. Networking-JCN2001LNCS. vol.2093, pp.174-183,2001.
[52]L. Li, I. Lin, M. Hwang, A remote password authentication scheme for multi-server architecture using neural networks [J]. IEEE Trans. Neural Netw. vol.12, no.6, pp.1498-1504,2001.
[53]Lin, I., Hwang, M., Li, L. A new remote user authentication scheme for multiserver architecture [J]. Future Generation Computer Systems, vol.19, no. 1, pp.13-22,2003.
[54]Juang W-S. Efficient multi-server password authenticated key agreement using smart cards [J]. IEEE Transaction on Consumer Electronics, vol.50, no.1, pp. 251-255,2004.
[55]Chang C-C, Lee J-S. An efficient and secure multi-server password authentication scheme using smart cards [C]. In Proceedings of the third international conference on cyberworlds. pp.417-422,2004.
[56]Liao, Y., Wang,S.A secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol.31, no. 1, pp.24-29,2009.
[57]Hsiang, H., Shih, W. Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces, vol.31, no.6, pp.1118-1123,2009.
[58]Shao, M., Chin, Y:A novel approach to dynamic id-based remote user authentication scheme for multi-server environment [C]. International Conference on Network and System Security (NSS), pp.548-553,2010.
[59]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security (NSS), vol.7645, pp.462-475,2012.
[60]Lee J K, Ryu S R, Yoo K Y. Fingerprint-based remote user authentication scheme using smart cards. Electronics Letters [J]. vol.38, no.12, pp.554-555, 2002,.
[61]Lin C H, Lai Y Y. A flexible biometrics remote user authentication scheme. Computer Standards & Interfaces [J]. vol.27, no.1, pp.19-23,2004.
[62]Yoon E J, Yoo K Y. A new efficient fingerprint-based remote user authentication scheme for multimedia systems [C]. Knowledge-Based Intelligent Information and Engineering Systems. Springer Berlin Heidelberg, pp.332-338,2005.
[63]Lee Y, Kwon T. An improved fingerprint-based remote user authentication scheme using smart cards [M]. Computational Science and Its Applications-ICCSA 2006. Springer Berlin Heidelberg, pp.915-922,2006.
[64]Khan M K, Zhang J. An efficient and practical fingerprint-based remote user authentication scheme with smart cards [M]. Information Security Practice and Experience. Springer Berlin Heidelberg, pp.260-268,2006.
[65]Xu J, Zhu W T, Feng D G. Improvement of a Fingerprint-Based Remote User Authentication Scheme [C]. Information Security and Assurance,2008. ISA 2008. International Conference on IEEE.pp.87-92,2008.
[66]Yang H K, An Y H. Security. Weaknesses and Improvements of a Fingerprint-based Remote User Authentication Scheme Using Smart Cards [J]. International Journal of Advancements in Computing Technology, vol.4, no.1, pp.15-23,2012.
[67]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.33, no.1, pp.1-5,2010.
[68]Das A K. Analysis and improvement on an efficient biometric-based remote user authentication scheme using smart cards [J]. Information Security, IET. vol.5, no.3, pp.145-151,2011.
[69]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometric-based remote authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.34, no.1, pp.73-79,2011.
[70]Jeon S, Kim H S, Kim M S. Enhanced biometrics-based remote user authentication scheme using smart cards [J]. J. of Security Engineering. vol.8, no.2, pp.237-254,2011.
[71]Truong T T, Tran M T, Duong A D. Robust biometrics-based remote user authentication scheme using smart cards [C]. Network-Based Information Systems (NBiS),2012 15th International Conference on. IEEE. pp.384-391, 2012.
[1]Dolev D, Yao A. On the security of public key protocols [J]. IEEE Transactions on Information Theory, vol.29, no.2, pp.198-208,1983.
[2]凌捷.非接触式指纹智能卡的关键技术研究[J].计算机工程与应用.vol.14,pp.5-7,2001.
[3]韩涛.基于智能卡与生物特征的身份认证协议的研究[D].湖北:湖北工业大学.pp.2-3,2011.
[4]Xue K, Hong P, Ma C. A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture [J]. arXiv:1204.3831,2012.
[5]Wang, D., Ma, C.G., Gu, D.L., Cui, Z.S.:Cryptanalysis of two dynamic ID-based remote user authentication schemes for multi-server architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security (NSS), LNCS, vol.7645, pp.462-475,2012.
[6]顾洁.面向无线社区的身份认证及密钥管理技术研究[D].上海:上海交通大学.pp.2-29,2012.
[7]潘泽波基于指纹认证的Kerberos认证系统的设计[D]湖南中南大学-pp.2-,2008.
[8]Everitt R A J, McOwan P W. Java-based Internet biometric authentication system [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.25, no.9, pp.1166-1172,2003.
[9]Dass S C, Zhu Y F, Jain A K. Validating a biometric authentication system: sample size requirements [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.28, no.12, pp.1902-1919,2006.
[10]Poh N, Bengio S. How do correlation and variance of base-experts affect fusion in biometric authentication tasks [J]. IEEE Transactions on Signal Processing, vol.53, no. 11, pp.4384-4396,2005.
[11]Mitra S, Savvides M, Brockwell A. Statistical performance evaluation of biometric authentication systems using random effects models [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence, vol.29, no.4, pp. 517-530,2007.
[12]Snelick R, Uludag U, Mink A, et al. Large-scale evaluation of multimodal biometric authentication using state-of-the-art systems [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.27, no.3, pp.450-455,2005.
[13]Tao Q, Veldhuis R. Biometric authentication system on mobile personal devices [J]. IEEE Transactions on Instrumentation and Measurement. vol.59, no.4, pp. 763-773,2010.
[14]Pankanti S, Prabhakar S, Jain A K. On the individuality of fingerprints [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.24, no.8, pp. 1010-1025,2002.
[15]Nandakumar K, Jain A K, Pankanti S. Fingerprint-based fuzzy vault: implementation and performance [J]. IEEE Transactions on Information Forensics and Security. vol.2, no.4, pp.744-757,2007.
[16]Jain A K, Hong L, Pankanti S and Bolle R. An identity-authentication system using fingerprints [J]. In Proceedings of the IEEE. vol.85, no.9, pp.1365-1388, 1997.
[17]Nanni L, Brahnam S, Lumini A. Biohashing applied to orientation-based minutia descriptor for secure fingerprint authentication system [J]. Electronics Letters. vol.47, no.15, pp.851-853,2011.
[18]Sanchez-Avila C, Sanchez-Reillo R, de Martin-Roche D. Iris-based biometric recognition using dyadic wavelet transform [J]. IEEE Aerospace and Electronic Systems Magazine. vol.17, no.10, pp.3-6,2002.
[19]Schmid N A, Ketkar M V, Singh H and Cukic B. Performance analysis of iris-based identification system at the matching score level [J]. IEEE Transactions on Information Forensics and Security. vol.1, no.2, pp.154-168, 2006.
[20]Sun Z N, Tan T N. Ordinal measures for iris recognition [J]. IEEE Transactions on Pattern Analysis and Machine Intelligence. vol.31, no.12, pp.2211-2226, 2009.
[21]Liu-Jimenez J, Sanchez-Reillo R, Fernandez-Saavedra B. Iris biometrics for embedded systems [J]. IEEE Transactions on Very Large Scale Integration (VLSI) Systems. vol.19, no.2, pp.274-282,2011.
[22]Sanchez-Reillo R, Sanchez-Avila C, Gonzalez-Marcos A. Improving access control security using iris identification [C]. In Proceedings of IEEE 34th Annual 2000 International Carnahan Conference on Security Technology. pp. 56-59,2000.
[23]Kounoudes A, Kekatos V, Mavromoustakos S. Voice biometric authentication for enhancing Internet service security [C]. In Proceedings of 2nd Information and Communication Technologies (ICTTA'06). pp.1020-1025,2006.
[24]Kim D S, Hong K S. Multimodal biometric authentication using teeth image and voice in mobile environment [J]. IEEE Transactions on Consumer Electronics.vol.54, no.4, pp.1790-1797,2008.
[25]Chandra E, Sunitha C. A review on speech and speaker authentication system using voice signal feature selection and extraction [J]. In Proceedings of IEEE International Advance Computing Conference (IACC 2009). pp.1341-1346, 2009.
[26]Kim D J, Chung K W, Hong K S. Person authentication using face, teeth and voice modalities for mobile device security [J]. IEEE Transactions on Consumer Electronics. vol.56, no.4, pp.2678-2685,2010.
[27]Foomany F H, Hirschfield A, Ingleby M. Toward a dynamic framework for security evaluation of voice verification systems [C]. In Proceedings of IEEE Toronto International Conference on Science and Technology for Humanity (TIC-STH). pp.22-27,2009.
[28]Porwik P. The compact three stages method of the signature recognition [C]. In Proceedings of 6th International Conference on Computer Information Systems and Industrial Management Applications (CISIM). pp.282-287,2007.
[29]Porwik P, Para T. Some handwritten signature parameters in biometric recognition process [C]. In Proceedings of 29th International Conference on Information Technology Interfaces (ITI 2007). pp.185-190,2007.
[30]Thian S O, Khoh W H, Teoh A. Dynamic handwritten signature verification based on statistical quantization mechanism [C]. In Proceedings of International Conference on Computer Engineering and Technology (IC-CET'09). pp. 312-316,2009.
[31]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems. vol.8, no.1, pp.18-36,1990.
[32]刘政林,董馨,李东方.SHA-2(256,384,512)系列算法的硬件实现[J].微电子学与计算机.vol.29, no.12, pp.51-54,2012.
[33]王正才;许道云;王晓峰;唐郑熠;韦立,BAN逻辑的可靠性分析与改进;[J].计算机工程-vol.38, no.17, pp.110-115,2012.
[34]余荣威;王丽娜;匡波,面向远程证明的安全协议设计方法;[J]通信学报-vol.10, pp.19-24,2008
[35]秦小龙,杨义先,USB密码钥及其在Kerberos系统中的应用.计算机工程与应用-vol.38, no.5, pp.12-14,2002
[1]Jonathan Katz, Rafail Ostrovsky, Moti Yung. Efficient Password-Authenticated Key Exchange Using Human-Memorable Passwords [C]. EUROCRYPT, pp. 475-494,2001.
[2]IkSu Park, SeungBae Park, ByeongKyun Oh. User Authentication Protocol Based on Human Memorable Password and Using RSA [C], ICCSA, vol.3043, pp.527-536,2004.
[3]Tsaur W-J, Wu C-C, Lee W-B. A smart card-based remote scheme for password authentication in multi-server Internet services [J]. Computer Standards & Interfaces. vol.27, no.1, pp.39-51,2004.
[4]Tsai J-L. Efficient multi-server authentication scheme based on one-way hash function without verification table [J]. Computers & Security, vol.27, no.3-4, pp.115-121,2008.
[5]李雄.多种环境下身份认证协议的研究与设计[D]北京:北京邮电大学.pp.12-14,2012.
[6]Chang, C.C, Wu, T.C. Remote password authentication with smart cards [J]. IEE Proceedings-Computers and Digital Techniques, vol.138, no.3, pp. 165-168,1991.
[7]C.Berzou and A.Glavieux. Near Shannon Limit Error-Correcting Coding and Decoding:Turbo-codes [C]. IEEE International Cconference Communications. vol.6, no.4, pp.1064-1070,1993.
[8]D. J.C.Mackay and R.M.Neal. Near Shannon Limit Performance of Low Density Parity Check Codes [J]. Electric Letters. vol.32, pp.1645-1646,1996.
[9]Luby M, Mizenmacher M, Shokrollahi M A, et al. Improved Low Density Parity Check Codes using Irregular Graphs and Belief Propagation [C]. International Symposium on Information Theory (ISIT). pp.117,1998.
[10]Ford W, Kaliski B S. Server-assisted generation of a strong secret from a password [C]. In Proceedings of IEEE 9th international workshop enabling technologies. pp.176-180,2000.
[11]L. Li, I. Lin, M. Hwang. A remote password authentication scheme for multi-server architecture using neural networks [J]. IEEE Trans. Neural Netw. vol.12, no.6, pp.1498-1504,2001.
[12]Lin. I, Hwang. M, Li. L. A new remote user authentication scheme for multiserver architecture [J]. Future Generation Computer Systems, vol.19, no.1, pp.13-22,2003.
[13]Chang C-C, Lee J-S. An efficient and secure multi-server password authentication scheme using smart cards [C]. In Proceedings of the third international conference on cyberworlds. pp.417-422,2004.
[14]Liao. Y, Wang. S. A secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no. 1, pp.24-29,2009.
[15]Hsiang. H, Shih. W. Improvement of the secure dynamic id based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no.6, pp.1118-1123,2009.
[16]Shao. M, Chin. Y. A novel approach to dynamic id-based remote user authentication scheme for multi-server environment [C]. In:2010 4th International Conference on Network and System Security. pp.548-553,2010.
[17]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In Proceedings of 6th International Conference on Network and System Security (NSS). vol.7645, pp.462-475,2012.
[18]Wu. S.H, Zhu, Y.F, Pu. Q. Robust smart-cards-based user authentication scheme with user anonymity [J]. Security and Communication Networks. vol.5, no.2, pp.236-248,2012.
[19]Wang. Y. Password Protected Smart Card and Memory Stick Authenticationagainst Off-Line Dictionary Attacks [C]. In:Gritzalis, D. Furnell., S., Theoharidou, M.(eds.) SEC 2012. IFIP AICT. vol.376, pp.489-500. Springer, Heidelberg,2012.
[20]Tan. Z. Cryptanalysis of two id based password authentication schemes for multiserver environments [J]. International Journal of Digital Content Technology and its Applications. vol.5, no.1, pp.87-94,2011.
[21]Yeh. K, Lo. N, Li. Y. Cryptanalysis of hsiang-shihs authentication scheme for multi-server architecture [J]. International Journal of Communication Systems. vol.24, no.7, pp.829-836,2011.
[22]Sood. S, Sarje. A, Singh. K. A secure dynamic identity based authentication protocol for multi-server architecture [J]. Journal of Network and Computer Applications. vol.34, no.2, pp.609-618,2011.
[23]Kocher, P., Jaffe, J., Jun, B. Differential Power Analysis [C]. In:Wiener, M. (ed.) CRYPTO 1999. LNCS, Springer, Heidelberg (1999). vol.1666, pp.388-789, 1999.
[24]Messerges, T.S., Dabbish, E.A., Sloan, R.H. Examining smart-card security under the threat of power analysis attacks [J]. IEEE Transactions on Computers. vol.51, no.5, pp.541-552,2002.
[25]Kasper. T, Oswald. D, Paar. C. Side-Channel Analysis of Cryptographic RFIDs with Analog Demodulation [C]. In:Juels, A., Paar, C. (eds.) RFIDSec 2011. LNCS. vol.7055, pp.61-77,2012.
[26]Florencio. D, Herley. C. A large-scale study of web password habits [C]. In: WWW'07 Proceedings of the 16th international conference on World Wide Web. pp.657-666,2007.
[27]Klein. D.V. Foiling the cracker:A survey of, and improvements to, password security [C]. In Proceedings of the 2nd USENIX Security Workshop. pp.5-14, 1990.
[28]崔建明,张小军等.一种基于人可记忆密码的多服务器安全认证方法[P]:中国发明专利,201310275399.X.
[1]Lee J-K, Ryu S-R, Yoo K-Y. Fingerprint-based remote user authentication scheme using smart cards [J]. Electronics Letters. vol.38, no.12, pp.554-555, 2002.
[2]Lin C-H, Lai Y-Y. A flexible biometrics remote user authentication scheme [J]. Computer Standards & Interfaces. vol.27, no.1, pp.19-23,2004.
[3]W.C. Ku, S.T. Chang, M.H. Chiang. Further cryptanalysis of fingerprint-based remote user authentication scheme using smartcards [J]. IEE Electronics Letters, vol.41, no.5,2005.
[4]Kim H-S, Lee S-W, Yoo K-Y. ID-based password authentication scheme using smart cards and fingerprints [J]. ACM SIGOPS Operating Systems Review. vol. 37, no.4, pp.32-41,2003.
[5]Scott M. Cryptanalysis of an ID-based password authentication scheme using smart cards and fingerprints [J]. ACM SIGOPS Operating Systems Review. vol. 38, no.2, pp.73-75,2004.
[6]Khan M-K, Zhang J-S. Improving the security of'a flexible biometrics remote user authentication scheme" [J]. Computer Standards & Interfaces. vol.29, no.1, pp.82-85,2007.
[7]Fan C-I, Lin Y-H. Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics [J]. Transactions on Information Forensics and Security. vol.4, no.4, pp.933-945,2009.
[8]Li C-T, Hwang M-S. An efficient biometrics-based remote user authentication scheme using smartcards [J]. Journal of Network and Computer Applications. vol,33, no.1, pp.1-5,2010.
[9]Li X, Niu J-W, Ma J, Wang W-D, Liu C-L. Cryptanalysis and improvement of a biometrics-based remote user authentication scheme using smart cards [J]. Journal of Network and Computer Applications. vol.34, no.1, pp.76-79,2011.
[10]李雄.多种环境下身份认证协议的研究与设计[D],北京:北京邮电大学.pp.61-66,2012.
[11]Hsiang H, Shih W. Improvement of the secure dynamic ID based remote user authentication scheme for multi-server environment [J]. Computer Standards & Interfaces. vol.31, no.6, pp.1118-1123,2009.
[12]Sood S K, Sarje A K, Singh K. A secure dynamic identity based authentication protocol for multi-server architecture [J]. Journal of Network and Computer Applications. vol.34, no.2, pp.609-618,2011.
[13]Li X, Xiong Y-P, Ma J, Wang W-D. An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards [J]. Journal of Network and Computer Applications. vol.35,no.2, pp.763-769, 2012.
[14]C Chou J S, Chen Y, Huang C H,-et al. Comments on four multi-server authentication protocols using smart card [J]. IACR Cryptology ePrint Archive. pp.406,2012.
[15]Xue K, Hong P, Ma C. A lightweight dynamic pseudonym identity based authentication and key agreement protocol without verification tables for multi-server architecture [J]. Journal of Computer and System Sciences. vol.80, no.1, pp.196-205,2014.
[16]Wang D, Ma C-G, Gu D-L, Cui Z-S. Cryptanalysis of Two Dynamic ID-based Remote User Authentication Schemes for Multi-Server Architecture [C]. In:Xu, L., Mu, Y. (eds.) In Proceedings of 6th International Conference on Network and System Security. LNCS.7645, pp.462-475,2012.
[17]A K. Das. Cryptanalysis and further improvement of a biometricbased remote user authentication scheme using smart cards [J]. International Journal of Network Security & Its Applications. vol.3, no.2. pp.13-28,2011.
[18]崔建明,张小军等.一种基于口令和生物特征的智能卡注册登录方法[P],中国发明专利,201310275194.1.
[19]崔建明,张小军等.一种基于密码、智能卡和生物特征的远程身份认证方法[P]:中国发明专利,201310275214.5.
[1]Wolfgang Effing, Wolfgang Rankl, Kenneth Cox, Smart Card Handbook(4th) [M], John Wiley & Sons Inc. pp.221-250,2010.
[2]Opencores, OpenRISC 1200 IP Core Specification [EB/OL]. http://openrisc.net/ or1200-spec.html.
[3]Shafi Goldwasser, Silvio Micali. Probabilistic Encryption [J]. Journal of Computer and System Sciences, vol.28, no.2, pp.270-299,1984.
[4]冯登国.可证明安全性理论与方法研究[J].软件学报.vol.16, no.10, pp. 1743-1756,2005.
[5]王皓.基于身份密码体制的研究[D].山东大学.pp.17-18,2012.
[6]Terasic, Altera DE2-70 Board [EB/OL], http://www.terasic.com.tw/cgi-bin/ page/archive.pl? No=226.
[7]威尔迪,FD20-T指纹模块[EB/OL], http://www.fplock.cn/mokuai/.