Design And Implementation, No Anonymous Two-way Authentication System Based On Elliptic Curves

With the information technology closer rapid development, it places higher demand on information security. Computer hardware and parallel computing make more threat to the traditional RSA cryptosystem. As the environment becoming more complicated, we imminently need better protection of privacy and anonymity. The traditional single authentication center no longer meets the requirement. Various schemes based on the elliptic curves, threshold schemes, without trusted party schemes and so on, provide more reliable, more effective means for the protection of information security.By researching on the elliptic curves and threshold without trusted party, an anonymity mutual authentication system without a trusted party is proposed and designed, the kernel algorithm are proposed and its security proof is given. The main contributes of this dissertation are as follows:First, propose a (t,n) threshold scheme without a trusted center, and give a dynamic scheme on changing value of threshold. The threshold scheme is based on elliptic curves, has higher security. When changing the value of threshold dynamically, there is no need to re-initialization, and the share secret can be used repeatedly though threshold value changed. This significantly enhances the utilization rate of the secret shares, and makes the scheme more flexibility, efficiently.Second, propose an anonymity mutual authentication scheme, and give its security proof, analyze its validity and advantages. The scheme can withstand replay attack, man-in-the-middle attack and so on, has properties such as anonymous and authentication without any third party.Then, propose an encrypted communication scheme between system users, ensure the security of communications, information integrity, confidentiality, timeliness and non-repudiation. By applying a modified elliptic curve signature equation, avoid calculating the inverse elements in the finite field, get a more efficient implementation.Finally, implement the prototype system. The test results show that our scheme which has feasibility, and is more secure and efficient.