| Identity authentication is acturally to resolve the correspondence between the user's physical identity and his/her digital identity and give ground for power management. Identity authentication is the basis of information security system. With the appearance of Public-Key Cryptosystem, identity authentication is always impletmented by digital credential i.e.digital signature. At present the construct of identity authentication scheme with taking account of different reality circumstance has drew more and more interest of reseachers. One of such instance is called signature-masked authentication. It means in a certain scene, after an authenticated user receive a digital signature as his credential, to get service from the service provider and prevent his/her credential from intercepting by hostile people or from framing by the alliance of the provider and attrackers, he/she would adapt to prove his/her validity without transmitting the credential directly. This paper mainly study on authentication scheme with credential masked, by the way some attention is paid on non-repudiation authentication protocol. The main works are as follows:(1) The application background and present development of identity authentication is analyzed, and we classify indentity authentication for three categories: non-repudiabel authentication, signature-masked authentication and anonymous authentication based on the application circumstance and public condition of the credential and indetity.(2) Three signature-masked authentication schemes are presented in the paper. The first is a simple unilateral authentication scheme. The second realized mutual authentication between the user and the service provider under the condition that the user has a certain power of computation and storage. The third can also partially realize the resistance to DoS attack besides realizing mutual authentication. The security of all these three schemes is analyzed under the assumption that the two CAs are not colluded.(3) A transparent non-repudiable authentication protocol based on SCS (Self-Certified Signature) is given. With the combination of GSP signature scheme and SCS scheme and theapplication in non-repudiation protocol, the scheme realized the simultaneously verification of message signature and the credential, and the process of searching, storing and verifying credential is leave out, and the efficient of the protocol is greatly improved especially under the condition that more than one credential to be verified. Though the new protocol is improved from the scheme of O.Markowitch and S.Kremer, it not only avoids the plaintext known by the trusted third party but protect the repudiation of the bargainers better. |
PDF Full Text Request