一种改进的轻量级远程用户认证方案
|
摘要
物联网中远程用户身份认证是保证在线服务安全性的第一步。针对Kaul等人提出的远程用户认证方案中不能抵抗离线口令猜测攻击的安全缺陷问题,基于安全hash函数和简单的异或运算,提出一种改进的轻量级远程用户认证方案。经安全性、开销和时间复杂度分析,与原方案相比,所提方案抗离线口令猜测攻击,未增加存储开销和通信开销,安全性更高,执行时间更少,更适用于资源受限的移动设备。
Remote user authentication is the first step to guarantee the security of online services in the Internet of Things. Aiming at the security defect of remote user authentication scheme proposed by Kaul et al., which cannot resist offline password guessing attack, proposes an improved lightweight remote user authentication scheme based on secure hash function and simple XOR operation. After the analysis of the security, overhead and execution time, compared with the original scheme, the proposed scheme can resist offline password guessing attack without increasing storage and communication overhead, and has higher security, less execution time, and is more suitable for mobile devices with limited resources.
Remote user authentication is the first step to guarantee the security of online services in the Internet of Things. Aiming at the security defect of remote user authentication scheme proposed by Kaul et al., which cannot resist offline password guessing attack, proposes an improved lightweight remote user authentication scheme based on secure hash function and simple XOR operation. After the analysis of the security, overhead and execution time, compared with the original scheme, the proposed scheme can resist offline password guessing attack without increasing storage and communication overhead, and has higher security, less execution time, and is more suitable for mobile devices with limited resources.
引文
[1]Wang D,Cheng H,He D,et al.On the Challenges in Designing Identity-Based Privacy-Preserving Authentication Schemes for Mobile Devices[J].IEEE Systems Journal,2016,99:1-10.
[2]Lamport L.Password Authentication with Insecure Communication[J].Communications of the ACM,1981,24(24):770-772.
[3]Das M L,Saxena A,Gulati V P.A Dynamic ID-Based Remote User Authentication Scheme[M].IEEE Press,2004.
[4]Wang Y Y,Liu J Y,Xiao F X,et al.A More Efficient and Secure Dynamic ID-Based Remote User Authentication Scheme[J].Computer Communications,2009,32(4):583-585.
[5]Wen F,Li X.An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme[J].Journal of Computer Electrical Engineering,2012,38(2):381-387.
[6]Kumari S,Khan M K,Li X.An Improved Remote User Authentication Scheme with Key Agreement[J].Computers&Electrical Engineering,2014,40(6):1997-2012.
[7]Kaul S D,Awasthi A K.Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement[J].Wireless Personal Communications,2016,89(2):621-637.
[8]Wang D,Zhang Z,Wang P,et al.Targeted Online Password Guessing:An Underestimated Threat[C].ACM Sigsac Conference on Computer&Communications Security.ACM,2016:1242-1254.
[9]Sood S K,Sarje A K,Singh K.An Improvement of Liao et al.'s Authentication Scheme Using Smart Cards[C].Advance Computing Conference.IEEE,2010:240-5.
[10]Kilinc H H,Yanik T.A Survey of SIP Authentication and Key Agreement Schemes[J].IEEE Communications Surveys&Tutorials,201416(2):1005-1023.
[2]Lamport L.Password Authentication with Insecure Communication[J].Communications of the ACM,1981,24(24):770-772.
[3]Das M L,Saxena A,Gulati V P.A Dynamic ID-Based Remote User Authentication Scheme[M].IEEE Press,2004.
[4]Wang Y Y,Liu J Y,Xiao F X,et al.A More Efficient and Secure Dynamic ID-Based Remote User Authentication Scheme[J].Computer Communications,2009,32(4):583-585.
[5]Wen F,Li X.An Improved Dynamic ID-Based Remote User Authentication with Key Agreement Scheme[J].Journal of Computer Electrical Engineering,2012,38(2):381-387.
[6]Kumari S,Khan M K,Li X.An Improved Remote User Authentication Scheme with Key Agreement[J].Computers&Electrical Engineering,2014,40(6):1997-2012.
[7]Kaul S D,Awasthi A K.Security Enhancement of an Improved Remote User Authentication Scheme with Key Agreement[J].Wireless Personal Communications,2016,89(2):621-637.
[8]Wang D,Zhang Z,Wang P,et al.Targeted Online Password Guessing:An Underestimated Threat[C].ACM Sigsac Conference on Computer&Communications Security.ACM,2016:1242-1254.
[9]Sood S K,Sarje A K,Singh K.An Improvement of Liao et al.'s Authentication Scheme Using Smart Cards[C].Advance Computing Conference.IEEE,2010:240-5.
[10]Kilinc H H,Yanik T.A Survey of SIP Authentication and Key Agreement Schemes[J].IEEE Communications Surveys&Tutorials,201416(2):1005-1023.