留言板

尊敬的读者、作者、审稿人, 关于本刊的投稿、审稿、编辑和出版的任何问题, 您可以本页添加留言。我们将尽快给您答复。谢谢您的支持!

姓名
邮箱
手机号码
标题
留言内容
验证码

基于切比雪夫混沌映射和生物识别的身份认证方案

董晓露 黎妹红 杜晔 吴倩倩

董晓露, 黎妹红, 杜晔, 等 . 基于切比雪夫混沌映射和生物识别的身份认证方案[J]. 北京航空航天大学学报, 2019, 45(5): 1052-1058. doi: 10.13700/j.bh.1001-5965.2018.0512
引用本文: 董晓露, 黎妹红, 杜晔, 等 . 基于切比雪夫混沌映射和生物识别的身份认证方案[J]. 北京航空航天大学学报, 2019, 45(5): 1052-1058. doi: 10.13700/j.bh.1001-5965.2018.0512
DONG Xiaolu, LI Meihong, DU Ye, et al. A biometric verification based authentication scheme using Chebyshev chaotic mapping[J]. Journal of Beijing University of Aeronautics and Astronautics, 2019, 45(5): 1052-1058. doi: 10.13700/j.bh.1001-5965.2018.0512(in Chinese)
Citation: DONG Xiaolu, LI Meihong, DU Ye, et al. A biometric verification based authentication scheme using Chebyshev chaotic mapping[J]. Journal of Beijing University of Aeronautics and Astronautics, 2019, 45(5): 1052-1058. doi: 10.13700/j.bh.1001-5965.2018.0512(in Chinese)

基于切比雪夫混沌映射和生物识别的身份认证方案

doi: 10.13700/j.bh.1001-5965.2018.0512
详细信息
    作者简介:

    董晓露  女, 硕士研究生。主要研究方向:身份认证

    黎妹红  男, 博士, 讲师。主要研究方向:身份认证、保密技术

    通讯作者:

    黎妹红.E-mail:mhli1@bjtu.edu.cn

  • 中图分类号: TN918.4

A biometric verification based authentication scheme using Chebyshev chaotic mapping

More Information
  • 摘要:

    云计算中访问控制和安全性是两大问题,且与传统的身份认证存在一定区别。利用切比雪夫多项式的半群特性、混沌特性,提出了一种基于切比雪夫混沌映射和生物识别的口令认证密钥协商方案。用户和服务器首先在云服务提供商(CSP)处进行注册,随后无需CSP的参与即可完成认证,建立会话密钥。安全性分析和性能比较表明,方案满足许多安全因素,如双向认证、用户隐私保护、多因素安全、前向安全性,即使CSP的主密钥被泄露,前向安全性也能确保用户会话密钥的机密性;此外,方案还能抵抗中间人攻击、离线口令猜测攻击和仿冒攻击等,并且支持多服务器环境中用户口令和生物特征的高效变更。

     

  • 图 1  系统模型

    Figure 1.  System model

    图 2  注册模块

    Figure 2.  Registration module

    图 3  登录、认证及密钥协商模块

    Figure 3.  Login, authentication and key agreement module

    表  1  符号及其含义

    Table  1.   Notation and description

    符号 含义
    IDi 用户Ui的身份标识
    PWi 用户Ui的口令
    SIDj 服务器CSj的身份标识
    Gen() 模糊提取生成函数
    Rep() 模糊提取重构函数
    BIOi 用户Ui的生物特征
    bi 用户Ui的生物特征密钥
    αi 公共重构参数
    a 事先设定的容错阈值
    h() 单向哈希函数
    T1, T2, T3 系统时间戳
    ΔT 最大通信时延
    连接
    异或运算
    下载: 导出CSV

    表  2  安全属性对比

    Table  2.   Comparison of security properties

    安全属性 本文 文献[16] 文献[17] 文献[18] 文献[19]
    用户隐私保护 × × × ×
    完美前向安全 × × ×
    抗离线口令猜测 - -
    多因素安全 × × × ×
    抗云服务器仿冒 ×
    抗用户仿冒
    抗重放攻击
    下载: 导出CSV

    表  3  计算成本对比

    Table  3.   Comparison of computation cost

    对象 本文 文献[16] 文献[17] 文献[18] 文献[19]
    Ui 12H+1F+2C 8H 7H 8H+4M+2A 6H+2M
    CSj/CSP 8H+2C 2H 3H 5H+4M+2A 7H+3M+4S
    总消耗 20H+4C+1F 10H 10H 13H+8M+4A 13H+5M+4S
    下载: 导出CSV
  • [1] MAJUMDER A, NAMASUDRA S, NATH S.Taxonomy and classification of access control models for cloud environments[M].Berlin:Springer-Verlag, 2014:23-53.
    [2] YANG J H, CHANG Y F, HUANG C C.A user authentication scheme on multi-server environments for cloud computing[C]//Communications and Signal Processing.Piscataway, NJ: IEEE Press, 2014: 1-4. https://www.researchgate.net/publication/271555870_A_user_authentication_scheme_on_multi-server_environments_for_cloud_computing
    [3] YANG J H, LIN P Y.An ID-based user authentication scheme for cloud computing[C]//10th International Conference on Intelligent Information Hiding and Multimedia Signal Processing.Piscataway, NJ: IEEE Press, 2014: 98-101. https://ieeexplore.ieee.org/document/6998277/
    [4] YASSIN A A, JIN H, IBRAHIM A, et al.A practical privacy-preserving password authentication scheme for cloud computing[C]//Parallel and Distributed Processing Symposium Workshops & PHD Forum Piscataway, NJ: IEEE Press, 2012: 1210-1217. https://www.researchgate.net/publication/258206733_A_Practical_Privacy_preserving_Password_authentication_Scheme_for_Cloud_Computing
    [5] TSAI J L, LO N W.A privacy-aware authentication scheme for distributed mobile cloud computing services[J].IEEE Systems Journal, 2017, 9(3):805-815. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=8536486a2db81ba1528a087c7bdcddf0
    [6] LAMPORT L.Password authentication with insecure communication[J].Communications of the ACM, 1981, 24(24):770-772. doi: 10.1145-358790.358797/
    [7] SHOUP V, RUBIN A.Session key distribution using smart cards[C]//International Conference on Theory and Application of Cryptographic Techniques.Berlin: Springer-Verlag, 1996: 321-331.
    [8] HWANG M S, LI H.A new remote user authentication scheme using smart cards[J].IEEE Transactions on Consumer Electronics 2000, 46(1):28-30. doi: 10.1109/30.826377
    [9] HE D, WANG D.Robust biometrics-based authentication scheme for multiserver environment[J].IEEE Systems Journal, 2015, 9(3):816-823. doi: 10.1109/JSYST.2014.2301517
    [10] ODELU V, DAS AK, GOSWAMI A.A secure biometrics based multi-server authentication protocol using smart cards[J].IEEE Transactions on Information Forensicsand Security, 2015, 10(9):1953-1966. doi: 10.1109/TIFS.2015.2439964
    [11] WAZID M, DAS A K, KUMARI S, et al.Provably secure biometric-based user authentication and key agreement scheme in cloud computing[J].Security & Communication Networks, 2016, 9(17):4103-4119. http://cn.bing.com/academic/profile?id=02fe9daf8a86dd7c5f8ba001800e3f09&encoded=0&v=paper_preview&mkt=zh-cn
    [12] NAMASUDRA S, ROY P.A new secure authentication scheme for cloud computing environment[J].Concurrency & Computation Practice & Experience, 2017, 29:e3864. http://cn.bing.com/academic/profile?id=a5b6a2807dfb1221ae5f9d86d6517089&encoded=0&v=paper_preview&mkt=zh-cn
    [13] DODIS Y, OSTROVSKY R, REYZIN L, et al.Fuzzy extractors:How to generate strong keys from biometrics and other noisy data[J].SIAM Journal on Computing, 2008, 38(1):97-139. doi: 10.1137/060651380
    [14] CHRISTOPH G G.An Identity-based key-exchange protocol[C]//Workshop on the Theory and Application of of Cryptographic Techniques.Berlin: Springer, 1989: 235-258.
    [15] MESSERGES T S, DABBISH E A, SLOAN R H.Examining smart-card security under the threat of power analysis attacks[J].IEEE Transactions on Computers, 2002, 51(5):541-552. doi: 10.1109/TC.2002.1004593
    [16] PIPPAL R S, JAIDHAR C D, TAPASWI S.Enhanced time-bound ticket-based mutual authentication scheme for cloud computing[J].Informatica, 2013, 37(2):149-156. http://cn.bing.com/academic/profile?id=dcc91736db2e3d4f401f0c30e18b2bad&encoded=0&v=paper_preview&mkt=zh-cn
    [17] HAO Z, ZHONG S, YU N.A time-bound ticket-based mutual authentication scheme for cloud computing[J].International Journal of Computers Communications & Control, 2011, Ⅵ(2):227-235. http://cn.bing.com/academic/profile?id=9fabcefca2491727889f18fce0c4bf77&encoded=0&v=paper_preview&mkt=zh-cn
    [18] CHEN T H, YEH H, SHIH W K.An advanced ECC dynamic ID-based remote mutual authentication scheme for cloud computing[C]//FTRA International Conference on Multimedia & Ubiquitous Engineering.Piscataway, NJ: IEEE Press, 2011: 155-159. https://www.researchgate.net/publication/221281948_An_Advanced_ECC_Dynamic_ID-Based_Remote_Mutual_Authentication_Scheme_for_Cloud_Computing
    [19] LI H, LI F, SONG C, et al.Towards smart card based mutual authentication schemes in cloud computing[J].KSⅡ Transactions on Internet & Information Systems, 2015, 9(7):2719-2735. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=JAKO201536553511304
    [20] LI W, WEN Q, SU Q, et al.An efficient and secure mobile payment protocol for restricted connectivity scenarios in vehicular ad hoc network[J].Computer Communications, 2012, 35(2):188-195. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=58638ab866515a9e003bab7dc4bd16d9
    [21] HE D, KUMAR N, LEE J H, et al.Enhanced three-factor security protocol for consumer USB mass storage devices[J].IEEE Transactions on Consumer Electronics, 2014, 60(1):30-37. doi: 10.1109/TCE.2014.6780922
    [22] YOON E J, JEON I S.An efficient and secure Diffie-Hellman key agreement protocol based on Chebyshev chaotic map[J].Communications in Nonlinear Science & Numerical Simulation, 2011, 16(6):2383-2389. http://www.wanfangdata.com.cn/details/detail.do?_type=perio&id=d7980abeaabeec54a9ca66a0b852815e
    [23] WANG X Y, ZHAO J F.An improved key agreement protocol based on chaos[J].Communications in Nonlinear Science & Numerical Simulation, 2010, 15(12):4052-4057. http://cn.bing.com/academic/profile?id=0ee9d3dc2d2c71959a854e97622124f9&encoded=0&v=paper_preview&mkt=zh-cn
  • 加载中
图(3) / 表(3)
计量
  • 文章访问数:  769
  • HTML全文浏览量:  105
  • PDF下载量:  461
  • 被引次数: 0
出版历程
  • 收稿日期:  2018-08-31
  • 录用日期:  2018-11-30
  • 网络出版日期:  2019-05-20

目录

    /

    返回文章
    返回
    常见问答