• 文献检索
  • 文档翻译
  • 深度研究
  • 学术资讯
  • Suppr Zotero 插件Zotero 插件
  • 邀请有礼
  • 套餐&价格
  • 历史记录
应用&插件
Suppr Zotero 插件Zotero 插件浏览器插件Mac 客户端Windows 客户端微信小程序
定价
高级版会员购买积分包购买API积分包
服务
文献检索文档翻译深度研究API 文档MCP 服务
关于我们
关于 Suppr公司介绍联系我们用户协议隐私条款
关注我们

Suppr 超能文献

核心技术专利:CN118964589B侵权必究
粤ICP备2023148730 号-1Suppr @ 2026

文献检索

告别复杂PubMed语法,用中文像聊天一样搜索,搜遍4000万医学文献。AI智能推荐,让科研检索更轻松。

立即免费搜索

文件翻译

保留排版,准确专业,支持PDF/Word/PPT等文件格式,支持 12+语言互译。

免费翻译文档

深度研究

AI帮你快速写综述,25分钟生成高质量综述,智能提取关键信息,辅助科研写作。

立即免费体验

一种基于自签名公钥的高效动态 ID 基远程用户认证方案,适用于多服务器环境。

An efficient dynamic ID-based remote user authentication scheme using self-certified public keys for multi-server environments.

机构信息

Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China.

College of Computer, National University of Defense Technology, Hunan Changsha, China.

出版信息

PLoS One. 2018 Oct 9;13(10):e0202657. doi: 10.1371/journal.pone.0202657. eCollection 2018.

DOI:10.1371/journal.pone.0202657
PMID:30300362
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC6177128/
Abstract

Recently, Li et al. proposed a novel smart card and dynamic ID-based remote user authentication scheme for multi-server environments. They claimed that their scheme can resist several types of attacks. However, through careful analysis, we find that Li et al.'s scheme is vulnerable to stolen smart card and off-line dictionary attacks, replay attacks, impersonation attacks and server spoofing attacks. By analyzing other similar schemes, we find that a certain type of dynamic ID-based multi-server authentication scheme in which only hash functions are used and whereby no registration center participates in the authentication and session key agreement phase faces difficulties in providing perfectly efficient and secure authentication. To compensate for these shortcomings, we propose a novel dynamic ID-based remote user authentication scheme for multi-server environments based on pairing and self-certified public keys. Security and performance analyses show that the proposed scheme is secure against various attacks and has many excellent features.

摘要

最近,李等人提出了一种新颖的智能卡和基于动态 ID 的远程用户认证方案,适用于多服务器环境。他们声称,他们的方案可以抵御多种类型的攻击。然而,通过仔细分析,我们发现李等人的方案容易受到偷取智能卡和离线字典攻击、重放攻击、伪装攻击和服务器欺骗攻击的影响。通过分析其他类似的方案,我们发现,在某种基于动态 ID 的多服务器认证方案中,仅使用哈希函数,并且在认证和会话密钥协商阶段没有注册中心参与,这种方案在提供完全高效和安全的认证方面存在困难。为了弥补这些缺点,我们提出了一种新颖的基于配对和自认证公钥的多服务器环境下的基于动态 ID 的远程用户认证方案。安全和性能分析表明,所提出的方案能够抵御各种攻击,具有许多优良的特性。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/ee74c595685e/pone.0202657.g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/08bb225df643/pone.0202657.g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/ebd2f5186a7f/pone.0202657.g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/ee74c595685e/pone.0202657.g003.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/08bb225df643/pone.0202657.g001.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/ebd2f5186a7f/pone.0202657.g002.jpg
https://cdn.ncbi.nlm.nih.gov/pmc/blobs/ac8e/6177128/ee74c595685e/pone.0202657.g003.jpg

相似文献

1
An efficient dynamic ID-based remote user authentication scheme using self-certified public keys for multi-server environments.一种基于自签名公钥的高效动态 ID 基远程用户认证方案,适用于多服务器环境。
PLoS One. 2018 Oct 9;13(10):e0202657. doi: 10.1371/journal.pone.0202657. eCollection 2018.
2
An Improvement of Robust Biometrics-Based Authentication and Key Agreement Scheme for Multi-Server Environments Using Smart Cards.一种基于稳健生物特征的多服务器环境下使用智能卡的认证与密钥协商方案的改进
PLoS One. 2015 Dec 28;10(12):e0145263. doi: 10.1371/journal.pone.0145263. eCollection 2015.
3
Cryptanalysis and Enhancement of Anonymity Preserving Remote User Mutual Authentication and Session Key Agreement Scheme for E-Health Care Systems.针对电子医疗保健系统的匿名保护远程用户相互认证和会话密钥协商方案的密码分析与增强。
J Med Syst. 2015 Nov;39(11):140. doi: 10.1007/s10916-015-0318-z. Epub 2015 Sep 5.
4
A robust anonymous biometric-based authenticated key agreement scheme for multi-server environments.一种适用于多服务器环境的基于健壮匿名生物特征的认证密钥协商方案。
PLoS One. 2017 Nov 9;12(11):e0187403. doi: 10.1371/journal.pone.0187403. eCollection 2017.
5
Design and Analysis of an Enhanced Patient-Server Mutual Authentication Protocol for Telecare Medical Information System.远程医疗信息系统中增强的医患相互认证协议的设计与分析。
J Med Syst. 2015 Nov;39(11):137. doi: 10.1007/s10916-015-0307-2. Epub 2015 Sep 1.
6
Robust and efficient biometrics based password authentication scheme for telecare medicine information systems using extended chaotic maps.基于扩展混沌映射的用于远程医疗信息系统的稳健高效生物特征密码认证方案。
J Med Syst. 2015 Jun;39(6):65. doi: 10.1007/s10916-015-0229-z. Epub 2015 Apr 22.
7
A Multiserver Biometric Authentication Scheme for TMIS using Elliptic Curve Cryptography.一种使用椭圆曲线密码学的用于TMIS的多服务器生物特征认证方案。
J Med Syst. 2016 Nov;40(11):230. doi: 10.1007/s10916-016-0592-4. Epub 2016 Sep 19.
8
An Improvement of Robust and Efficient Biometrics Based Password Authentication Scheme for Telecare Medicine Information Systems Using Extended Chaotic Maps.基于扩展混沌映射的远程医疗信息系统稳健高效生物特征密码认证方案的改进
J Med Syst. 2016 Mar;40(3):70. doi: 10.1007/s10916-015-0422-0. Epub 2016 Jan 7.
9
A Secure and Robust User Authenticated Key Agreement Scheme for Hierarchical Multi-medical Server Environment in TMIS.TMIS 中分层多医疗服务器环境的安全稳健的用户认证密钥协商方案。
J Med Syst. 2015 Sep;39(9):92. doi: 10.1007/s10916-015-0276-5. Epub 2015 Aug 6.
10
A secure and efficient uniqueness-and-anonymity-preserving remote user authentication scheme for connected health care.一种用于连接式医疗保健的安全高效的保持唯一性和匿名性的远程用户认证方案。
J Med Syst. 2013 Jun;37(3):9948. doi: 10.1007/s10916-013-9948-1. Epub 2013 May 10.

本文引用的文献

1
An Enhanced Biometric Based Authentication with Key-Agreement Protocol for Multi-Server Architecture Based on Elliptic Curve Cryptography.一种基于椭圆曲线密码学的多服务器架构中带有密钥协商协议的增强型生物特征认证方法。
PLoS One. 2016 May 10;11(5):e0154308. doi: 10.1371/journal.pone.0154308. eCollection 2016.
2
Cryptanalysis and Improvement of a Biometric-Based Multi-Server Authentication and Key Agreement Scheme.基于生物特征的多服务器认证与密钥协商方案的密码分析与改进
PLoS One. 2016 Feb 11;11(2):e0149173. doi: 10.1371/journal.pone.0149173. eCollection 2016.