Privacy-Preserving Multi-Factor Key Exchange Protocol in the Standard Model
Fund Project:

National Natural Science Foundation of China (61309016, 61379150, 61201220, U1135002, U1405255); National High-Tech R&D Program of China (863) (2015AA011704); China Postdoctoral Science Foundation (2014M562493); Shaanxi Province Postdoctoral Science Foundation; The Funding of Science and Technology on Information Assurance Laboratory (KJ-13-02); Fundamental Research Funds for the Central Universities (JB161501); Key Scientific and Technological Project of He’nan Province (092101210502, 122102210126)

    Abstract:

    Multi-factor authenticated key exchange (MFAKE) protocols combine several different authentication factors to achieve strong identity authentication and access control, and have great application potential in mobile ubiquitous services with high-level security requirements. To date, the literature on MFAKE protocols is sparse and far from satisfactory. Moreover, existing MFAKE protocols are proven secure only in the random oracle model. This study proposes an MFAKE protocol that uses a two-party password-authenticated key exchange protocol, a robust fuzzy extractor and a signature scheme as building blocks, and proves it secure in the standard model. The server does not know the user's biometric template, so the privacy of the user's biometric information is preserved. Compared with existing MFAKE protocols in the random oracle model, the protocol achieves stronger security with lower computation and communication costs. Consequently, it is better suited to mobile ubiquitous services with high-level security requirements.

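Cite this article

Wei Fushan, Zhang Gang, Ma Jianfeng, Ma Chuangui. Privacy-preserving multi-factor key exchange protocol in the standard model. Journal of Software, 2016, 27(6): 1511-1522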

History
  • Received: 2015-08-15
  • Last revised: 2015-10-09
  • Published online: 2016-01-22