《代理移动IPv6网络中无缝切换的安全密码认证机制》的密码分析与改进

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

作者信息

Alizadeh Mojtaba, Zamani Mazdak, Baharun Sabariah, Abdul Manaf Azizah, Sakurai Kouichi, Anada Hiroaki, Keshavarz Hassan, Ashraf Chaudhry Shehzad, Khurram Khan Muhammad

机构信息

Faculty of Information Science and Electrical Engineering, Kyushu University, Fukuoka, Japan.

Malaysia-Japan International Institute of Technology, Universiti Teknologi Malaysia, Kuala Lumpur, Malaysia.

出版信息

PLoS One. 2015 Nov 18;10(11):e0142716. doi: 10.1371/journal.pone.0142716. eCollection 2015.

DOI:10.1371/journal.pone.0142716

PMID:26580963

原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC4651333/

Abstract

Proxy Mobile IPv6 is a network-based localized mobility management protocol that supports mobility without mobile nodes' participation in mobility signaling. The details of user authentication procedure are not specified in this standard, hence, many authentication schemes have been proposed for this standard. In 2013, Chuang et al., proposed an authentication method for PMIPv6, called SPAM. However, Chuang et al.'s Scheme protects the network against some security attacks, but it is still vulnerable to impersonation and password guessing attacks. In addition, we discuss other security drawbacks such as lack of revocation procedure in case of loss or stolen device, and anonymity issues of the Chuang et al.'s scheme. We further propose an enhanced authentication method to mitigate the security issues of SPAM method and evaluate our scheme using BAN logic.

摘要

代理移动IPv6是一种基于网络的本地化移动性管理协议，支持移动节点无需参与移动性信令即可实现移动性。本标准未规定用户认证过程的详细信息，因此，针对该标准已经提出了许多认证方案。2013年，Chuang等人提出了一种用于PMIPv6的认证方法，称为SPAM。然而，Chuang等人的方案可保护网络免受某些安全攻击，但它仍然容易受到身份假冒和密码猜测攻击。此外，我们还讨论了其他安全缺陷，例如在设备丢失或被盗的情况下缺乏撤销程序，以及Chuang等人方案的匿名性问题。我们进一步提出了一种增强的认证方法，以减轻SPAM方法的安全问题，并使用BAN逻辑对我们的方案进行评估。

相似文献

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".《代理移动IPv6网络中无缝切换的安全密码认证机制》的密码分析与改进

PLoS One. 2015 Nov 18;10(11):e0142716. doi: 10.1371/journal.pone.0142716. eCollection 2015.

Security analysis and enhanced user authentication in proxy mobile IPv6 networks.代理移动IPv6网络中的安全分析与增强用户认证

PLoS One. 2017 Jul 18;12(7):e0181031. doi: 10.1371/journal.pone.0181031. eCollection 2017.

Secure anonymity-preserving password-based user authentication and session key agreement scheme for telecare medicine information systems.用于远程医疗信息系统的基于密码的安全匿名用户认证和会话密钥协商方案。

Comput Methods Programs Biomed. 2016 Oct;135:167-85. doi: 10.1016/j.cmpb.2016.07.028. Epub 2016 Jul 29.

Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.针对电子医疗保健系统的匿名保护远程用户相互认证和会话密钥协商方案的密码分析与增强。

J Med Syst. 2015 Nov;39(11):140. doi: 10.1007/s10916-015-0318-z. Epub 2015 Sep 5.

Provably Secure Three-Factor-Based Mutual Authentication Scheme with PUF for Wireless Medical Sensor Networks.基于 PUF 的无线医疗传感器网络三因素互认证协议的可证明安全性

Sensors (Basel). 2021 Sep 9;21(18):6039. doi: 10.3390/s21186039.

MES-FPMIPv6: MIH-Enabled and enhanced secure Fast Proxy Mobile IPv6 handover protocol for 5G networks.MES-FPMIPv6：用于5G网络的启用MIH并增强的安全快速代理移动IPv6切换协议。

PLoS One. 2022 May 26;17(5):e0262696. doi: 10.1371/journal.pone.0262696. eCollection 2022.

A secure user anonymity-preserving three-factor remote user authentication scheme for the telecare medicine information systems.一种用于远程医疗信息系统的安全的、保护用户匿名性的三因素远程用户认证方案。

J Med Syst. 2015 Mar;39(3):30. doi: 10.1007/s10916-015-0218-2. Epub 2015 Feb 13.

Enhanced Two-Factor Authentication and Key Agreement Using Dynamic Identities in Wireless Sensor Networks.无线传感器网络中使用动态身份的增强型双因素认证和密钥协商

Sensors (Basel). 2015 Nov 30;15(12):29841-54. doi: 10.3390/s151229767.

A more secure anonymous user authentication scheme for the integrated EPR information system.一种用于集成电子病历信息系统的更安全的匿名用户认证方案。

J Med Syst. 2014 May;38(5):42. doi: 10.1007/s10916-014-0042-0. Epub 2014 Apr 24.

A secure biometrics-based authentication key exchange protocol for multi-server TMIS using ECC.基于椭圆曲线密码的 TMIS 多服务器安全生物认证密钥交换协议

Comput Methods Programs Biomed. 2018 Oct;164:101-109. doi: 10.1016/j.cmpb.2018.07.008. Epub 2018 Jul 18.

引用本文的文献

Security analysis and enhanced user authentication in proxy mobile IPv6 networks.代理移动IPv6网络中的安全分析与增强用户认证

PLoS One. 2017 Jul 18;12(7):e0181031. doi: 10.1371/journal.pone.0181031. eCollection 2017.

A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.一种使用椭圆曲线密码学的用于TMIS的多服务器生物特征认证方案。

J Med Syst. 2016 Nov;40(11):230. doi: 10.1007/s10916-016-0592-4. Epub 2016 Sep 19.

Correction: Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".更正：《代理移动IPv6网络中无缝切换的安全密码认证机制的密码分析与改进》

PLoS One. 2015 Dec 23;10(12):e0145975. doi: 10.1371/journal.pone.0145975. eCollection 2015.

本文引用的文献

Cryptanalysis and improvement of an improved two factor authentication protocol for telecare medical information systems.远程医疗信息系统中一种改进的双因素认证协议的密码分析与改进

J Med Syst. 2015 Jun;39(6):66. doi: 10.1007/s10916-015-0244-0. Epub 2015 Apr 26.

Efficient and anonymous two-factor user authentication in wireless sensor networks: achieving user anonymity with lightweight sensor computation.无线传感器网络中高效且匿名的双因素用户认证：通过轻量级传感器计算实现用户匿名性

PLoS One. 2015 Apr 7;10(4):e0116709. doi: 10.1371/journal.pone.0116709. eCollection 2015.

An efficient and secure dynamic ID-based authentication scheme for telecare medical information systems.用于远程医疗信息系统的高效安全的动态 ID 基于身份的认证方案。

J Med Syst. 2012 Dec;36(6):3907-15. doi: 10.1007/s10916-012-9862-y. Epub 2012 Jun 7.

文献检索

告别复杂PubMed语法，用中文像聊天一样搜索，搜遍4000万医学文献。AI智能推荐，让科研检索更轻松。

立即免费搜索

文件翻译

保留排版，准确专业，支持PDF/Word/PPT等文件格式，支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述，25分钟生成高质量综述，智能提取关键信息，辅助科研写作。

立即免费体验

《代理移动IPv6网络中无缝切换的安全密码认证机制》的密码分析与改进

Cryptanalysis and Improvement of "A Secure Password Authentication Mechanism for Seamless Handover in Proxy Mobile IPv6 Networks".

作者信息

机构信息

出版信息

相似文献

引用本文的文献

本文引用的文献

文献检索

文件翻译

深度研究

Suppr 超能文献

相似文献

引用本文的文献

本文引用的文献