多因素身份认证技术与隐私保护的研究.docVIP

多因素身份认证技术与隐私保护的研究 摘 要 本文比较系统地对网络身份认证理论、技术和应用进行了深入的研究，重点研究了基于多因素的网络身份认证中的若干关键技术问题。 分析了己有的多服务器身份认证方案存在时间同步、用户单向认证等不足，提出了一种基于智能卡的多服务器身份认证方案。该方案的优点是:在智能卡中以表达式的方式存储了用户的认证信息，使得用户认证信息的安全性大大加强;实现了多服务器系统中用户与服务器的双向认证及会话密钥的生成，在智能卡中以插值多项式的形式存储了双方的会话密钥的相关信息，这样，会话密钥就避免了在网络上进行传输，减小了会话密钥被泄露的可能性。并在所提方案的基础之上提出了一种结合口令、智能卡和指纹的身份认证方案，进一步加强了原有方案的安全性。 关键词: 密码学 身份认证 ;数字签名 智能卡 Abstract The identity authentication is an integrated technique, which combines with cryptology, biometric recognition, digital signature and etc. It has more applications in the network communication to verify the real identity of the correspondent. It can prevent illegal intruder log inning in the system,叫keep the non-authorized person off the controlled resource. At present, the identity authentication technique has a broad application in banks, e-commerce-movement and other management information systems. With the continual development of the computer network and the communication, the identity authentication will be an important research field. The dissertation studied the identity authentication theory, technology and application in-depth, and focused on some key problems about multiple factors in the network communication. The dissertation analyzed the drawbacks of the existing mufti-server authentication scheme, which is only a single-direction authentication and has a time synchronization problem. The author proposed a mufti-server authentication scheme based on smart cards and analyzed the security of the scheme. By saving users authentication information in the smart card in the interpolating polynomial, the proposed scheme greatly strengthened the security of the original scheme. The proposed scheme acquired bidirectional authentication of the user and the server in the mufti-server system, could automatic generate the session keys and save session keys ‘relative information in expression in smart cards. The proposed scheme avoided the transmission of the session keys through the network, and