| With the development of mobile communication market, the kinds of mobile services are increasingly enriched, so the requirement of their security is continually rising. As the important technology support of security of mobile e-commerce, identity authentication has become the focus of people's attention. Without an effective and secure identity authentication protocol for mobile business environment, the integrity and secrecy of users' personal information cannot be guaranteed, and the same service providers will face the problem of providing illegal users service. Therefore, research about mobile e-commerce identity authentication means much to mobile business security system.Existing identity authentication methods are dynamic password authentication, physical authentication and biological authentication, etc. However, due to the particularity of mobile environment, the processes of authentication are affected by mobile equipments'calculate ability, calculate speed and save ability, etc so as to the design of authentication mechanisms get a greater demand. Physical authentication gets a higher veracity, but it needs the support of third-party physical device so as to not so suitable for mobile e-commerce environment. Similarly, even bio-certification is currently the highest accuracy of authentication method, because of its high cost and the need of third-party device support it remains very difficult to be used inmobile environment.So this paper give a one-time password identity authentication mechanism under the mobile environment according to the exiting ones. In this paper, an efficient Elliptic Curve based authentication scheme is proposed. Elliptic Curve is used to generate the public-key and the private-key of the Client and the Server and the identity mark-IMEI is introduced as one of the authentication factors. After that we proved its rationality by BAN logic analysis, and then estimated the security and performance of this mechanism and others through simulation network—OPNET. Compared with other mechanisms, this one realizes the authentications to each other with lighter workload and higher security. |
PDF Full Text Request