摘要
分析了现有网络身份认证方案的不足,给出了一种指纹识别技术与USBKey技术相结合的身份认证方案。利用载有指纹特征的指纹USBKey改进现有的USBKey认证技术。利用椭圆曲线密码算法ECC(elliptic curve cryption),提高身份认证协议的安全性。采用挑战与应答的认证机制,实现了双向身份认证。使用含指纹特征的数字证书,防止非法用户篡改指纹特征。给出的身份认证协议实现了USBKey对用户权限的验证及远程服务器对用户身份的实体认证。能够有效抵御窃听攻击、假冒攻击、重放攻击及DoS攻击。
Network user authentication schemes are analyzed in this paper, and then a new authentication model combining the fingerprint recognition technology with USBKey technology is proposed, which uses fingerprint US-BKey with fingerprint characteristics to improve the existing USBKey authentication. The ECC (Elliptic Curve Cryptography) algorithm is utilized to improve the security of user authentication protocol. The challenge/response authentication mechanism is adopted to achieve the mutual authentication. The digital certificate with fingerprint characteristic is exploited to prevent unauthorized users from tampering with fingerprint characteristics. The user authentication scheme presented in this paper may judge the user authority by USBKey, realize the remote server authentication, and effectively resist the eavesdropping attack, impersonation attack, replay attack and DoS attack as well.
出处
《华东交通大学学报》
2014年第2期95-98,共4页
Journal of East China Jiaotong University
基金
国家863计划项目(2006AA04A134)
关键词
身份认证
指纹
椭圆曲线密码算法
USBKey
user authentication
USBKey
fingerprint
ECC ( elliptic curve cryptography) algorithm
