The Research Of Remote User Authentication And Key Agreement Protocols

With the rapid development of computer technology and network technology, the society has entered into the information network era, more and more services will be provided by some remote servers through the public network, and the legitimate users can access to the remote servers to obtain the corresponding resources or service using mobile phones, laptops or other devices in any time or any place. The information network service does bring great convenience to people in the work and life. However, it also brings us some common network security problems of the communication at the same time. One of the solutions to resolve these security problems is remote user authentication and key agreement protocol researched in this paper. That is, through the remote user authentication technology to determine the legitimacy of the user and the server, the communication participants establish a secure session key using the technology of key agreement, then encryption using the session key to ensure the confidentiality of the transmission resources. In this paper, on the basis of predecessors’work, we put forward some more safe and efficient remote user authentication and key agreement protocols in different application environments. We have achieved some research results as follows:1. In the client and the server model, we find some security flaws existed in the research results, such as:cannot resist password guessing attack, masquerading attack, privileged inside attack and denial of service attack. In order to solve the above security flaws, we put forward a new and more secure and efficient remote user authentication and key agreement protocol. The new scheme can not only effectively overcome the above defects, but also achieve the user anonymity, forward secrecy and effectiveness of the user login password, etc. Through the comparison and analysis with other related schemes, the new scheme can resist more security attacks and achieve more security properties on the basis of lower computation cost.2. In the wireless roaming environment, mobile users complete the process of authentication and key agreement with the foreign agent under the assistant of the home agent, and access to the corresponding service provided by the foreign agent successfully without the need to register in the foreign agent again. On the basis of previous work, we put forward a new remote user authentication and key agreement scheme more suitable for the wireless environment. Through the comparison and analysis with other related schemes, the new scheme uses elliptic curve cryptosystem, needs lower computation cost, and can truly realize the user anonymity and perfect forward secrecy.3. In the wireless sensor network environment, users complete the process of authentication and key agreement with the sensor node under the assist of the gateway node. We found that the protocols put forward by predecessors cannot resist the password guessing attack and cannot achieve the user anonymity. In this paper, we put forward a new remote user authentication and key agreement protocol. Through the comparison and analysis with other related schemes, the new scheme can achieve greater security paying the same computation cost.