Multi-factor identity authentication method based on chaotic mapping

Abstract

The invention discloses a multi-factor identity authentication method based on chaotic mapping. Based on Chebyshev chaotic mapping, user anonymity and forward security are realized by utilizing Chebyshev polynomial semi-group characteristics, and an existing unsafe multi-factor user authentication protocol is converted into an identity authentication protocol with security attributes such as anonymity, forward security and user friendliness. The user identity authentication process comprises an initialization phase, a user registration phase, a login authentication phase and a certificate updating phase. By utilizing the technical scheme provided by the invention, the security of an original protocol can be improved, a secure multi-factor protocol with a password locally and freely updatedis realized, the defects of'attack, improvement, attack, improvement and the like 'in the multi-factor protocol design are terminated, and the secure and efficient multi-factor authentication protocol design is realized.

Description

technical field [0001] The invention belongs to the technical field of information security, relates to a method for realizing a universal and automatically convertible security protocol, in particular to a design of a multi-factor identity authentication protocol and an identity authentication method based on chaotic mapping. Background technique [0002] Under the non-tamper-resistant smart card assumption, design a practical multi-factor authentication protocol that satisfies a series of stringent security goals (such as resistance to smart card loss attack, node capture attack) and ideal properties (such as local password update, user anonymity) is still an unresolved problem. On the one hand, due to the limited computing power, storage space, and battery energy of distributed nodes in smart cards and cloud computing environments, it is very difficult to design identity authentication protocols that take into account security, efficiency, and functional requirements; on ...

AI Technical Summary

Problems solved by technology

[0003] In 2011, Huang et al. in literature 1 (Huang X, Xiang Y, Chonka A, et al.Agenericframework for three-factor authentication: Preserving security and privacy indistributed systems[J].IEEE Trans.Inform.Foren.Secur.,2011, 22(8):1390-1397) proposed a framework for conversion of a two-factor (password + smart card) protocol to a three-factor (password + smart card + biometric) protocol. The basic idea of ​​this framework is that user registration, login and authentication processes are respectively Execute the underlying two-factor protocol twice, the first time using password and smart card as authentication factor, the second time using smart card and biometric as authentication factor, the security of this framework is based on the security of the underlying two-factor protocol, to achieve Basic safety functions are implemented, but the efficiency is severely reduced

Compared with the previous framework, the transmission efficiency of this framework is significantly improved, but the computational efficiency is reduced

[0004] In 2015, Document 3 (Yu J, Wang G, Mu Y, et al.An efficient generic framework for three-factor authentication with provably secure instantiation[J].IEEETrans.Inform.Foren.Secur.,2014,9(12): 2302-2313), Yu et al. pointed out that the error correction technology of the framework of Huang et al. relies on "Hamming distance", "difference set" and "edit distance", and it needs to execute the underlying two-factor protocol twice, so that the efficiency is low and has not been obtained. widely used

[0005] After analysis, the security of the above three frameworks all depend on the security of the original protocol, but did not give a reasonable security analysis of the original protocol; and did not consider the basic "principle of anonymity" and "principle of forward security" , Anonymity and forward security cannot be achieved by relying solely on Hash operations

In addition, the above three frameworks do not consider user-friendliness issues such as "password local update", that is, they cannot achieve a balance between security and efficiency

Images