Research On Secure Authentication Scheme For Resource-constrained Environments

As an important mechanism for protecting information security,authentication technology can effectively authenticate the true identity of communication participants.So it is an important means to realize the confidentiality and integrity of information system.However,in different application environments,communication entities involved in authentication process are not the same,authentication relationship between those entities is neither the same,and eventually lead to different security and efficiency requirements.As the typical application sceranios for authentication scheme,there exist natural constraints of particular limited resources or abilities for communicating entities in resource-constrained environments.Therefore,the contradiction between security requirements and execution efficiency is particularly prominent for authentication scheme.The research of this dissertation around the issues which related to secure authentication scheme for resource-constrained environments;the main research contents and achievements are listed as follows:(1)In view of privacy protection defects of existing secure authentication schemes for resource-constrained environments,three authentication schemes with user anonymity based on different safety factors for specific resource-constrained environments are put forward respectively.First of all,a smart cards-based authentication scheme with user anonymity for global mobile network(SCBASUA-GMN)is presented.Security analysis and AVISPA simulation results show that SCBASUA-GMN scheme provide user anonymity to protect user's privacy,and can resist replay attack,forgery attack,offline password guessing attack and parallel session attack.In addition,SCBASUA-GMN scheme implements mutual authentication,forward security,fair key agreement and user friendliness.Secondly,a biometrics-based authentication scheme with user anonymity for wireless sensor network(BBASUA-WSN)is put forward.Security analysis and AVISPA simulation results show that BBASUA-WSN scheme achieves the predetermined security goals,supports user anonymity and can resist active and passive attacks such as man-in-the-middle attack,sensor node capture attack.Meanwhile,BBASUA-WSN scheme also implements mutual authentication and achieves key agreement fairness.Finally,a dynamic identity-based authentication scheme with user anonymity for global mobile network(DIDBASUA-GMN)is proposed.DIDBASUA-GMN scheme implements user anonymity and data unlinkability to provide further privacy protection during roaming process of mobile user.Security analysis showed that DIDBASUA-GMN scheme can resist various attacks including side channel attack and smart card lost attack.(2)Aiming at execution efficiency defects of existing secure authentication schemes for resource-constrained environments,two secure and lightweight authentication schemes for specific resource-constrained environments are put forward.On the one hand,a lightweight and efficient authentication scheme for global mobile network(LEAS-GMN)is proposed.In order to achieve better adaptation to the limited resources constraints,LEAS-GMN scheme only uses one-way hash function and exclusive-or operations which are both low computational cost.Performance and computational overhead comparison results show that the CPU cycles and execution time required for LEAS-GMN scheme are both the least of all,so the execution efficiency of LEAS-GMN scheme is superior to the similar schemes.Security analysis of LEAS-GMN scheme verified that it can resist impersonation attack,known session key attack and other various attacks.Thus,LEAS-GMN scheme can satisify predetermined security requirements and goals as well as better efficiency.On the other hand,a lightweight and efficient authentication scheme for wireless sensor network(LEAS-WSN)is presented.LEAS-WSN only involves symmetric encryption and hash function in authentication process.Performance and energy consumption comparison results show that compared with some similar schemes,LEAS-WSN scheme requires minimal computational overhead and the least amount of messages.Consequently,LEAS-WSN scheme is suitable for resource-constrained WSN environment duo to the least energy consumption overhead of cryptographic operations and radio communication.Security analysis and BAN logic proof results show that LEAS-WSN scheme reached desired security goals;and can resist attacks including gateway node bypass attack and man-in-the-middle attack simultaneously.(3)For the problem of security evaluation of authentication schemes in same application environment,a kind of multiple attribute evaluation method based on fuzzy number intuitionistic fuzzy set is proposed.Firstly,Fuzzy number intuitionistic fuzzy weighted geometric Hamacher operator,fuzzy number intuitionistic fuzzy Hamacher ordered weighted geometric operator and fuzzy number intuitionistic fuzzy Hamacher hybrid geometric operator are extended and defined.Then,based on fuzzy number intuitionistic fuzzy Hamacher hybrid geometric operator,a kind of multiple attribute evaluation method is put forward.In the end,an example to evaluate the security of authentication schemes is presented for the sake of testifies the effectiveness of the proposed method.