基于智能卡和可撤除2DPalmPhasor码的远程用户身份认证方案
首发时间:2013-01-29
摘要:与其它身份认证方式相比,掌纹生物特征识别认证被认为是一种有效的身份认证技术。不过,直接利用掌纹生物识别技术进行远程用户身份认证面临用户掌纹生物特征被盗的重放攻击和其它远程伪造攻击。为此,本文设计一种基于智能卡和可撤除2DPalmPhasor 码的远程用户双向身份认证方案来增强其安全性。该方案使用智能卡存储2DPalmPhasor 码,允许用户自由修改口令,具有很好的可撤销性;同时采用双钥绑定框架解决了哈希函数对生物特征类内差异的敏感性问题,并利用随机数机制有效地抵御重放攻击以及中间人攻击。分析表明该方案实现了安全、高效、可靠、实用的远程双向身份认证。
关键词: 信息安全 可撤除掌纹 远程身份认证 哈希函数 智能卡
For information in English, please click here
Remote User Authentication Scheme Based on Cancelable Palmprint using Smart Cards
Abstract:Palmprint-based authentication systems is widely accepted as a reliable form of authentication compared to other traditional schenmes. However, the open nature of remote authentication makes palmprint systems vulnerable to replay attack and other remote fraudulent attacks. Therefore, the usage of palmprint systems for remote authentication is still very limited. This paper proposes a new remote mutual authentication scheme based on cancelable palmprint using smart cards over an open network. In the proposed scheme, the cancelable 2DPalmPhasor codes are stored in the smart cards and users are allowed to modify their passwords freely, so the scheme has excellent cancelability. Moreover, dual-key-binding framework is adopted to solve the sensitive fundamental property of the one-way hash function and random number mechanism is used to resist replay attack and man-in-man attack. The analysis shows that the scheme provides secure, efficient, reliable and practical remote mutual authentication.
Keywords: Information security cancelable palmprint remote authentication hash encryption smart-card
论文图表:
引用
No.****
同行评议
共计0人参与
勘误表
基于智能卡和可撤除2DPalmPhasor码的远程用户身份认证方案
评论
全部评论0/1000