| Network security issues have been related to the vital interests of hundreds of millions of mobile Internet users with prosperity of mobile Internet. Identity authentication is the foundation of mobile Internet network security and the first defense. At present, the popular identity authentication methods in mobile application system include: password authentication, electronic token authentication, digital certificate authentication, biometric authentication and so on, but each have their own shortcomings.For example, the hierarchical CA(certificate authentication) costs too much in construction and maintainance, the key of digital certificate authentication method based on the PKI password system, and with the CA level going deeper, the trust of the certificate has been reduced. CPK(combined public key) based on the problem of elliptic curve discrete logarithm features in a large amount of keys can being produced in small key matrix, no need of third-party CA chain, no requirement of online database support and so on. But CPK also has some shortcomings, such as key collision problem and collusion attacks. Eliminating duplication in database is proposed in this paper to solve key collision problem. CPK determines whether combined key is redundant by comparing database while user’s key is being generating. At last combined key pairs generated for user are sum of identification key and increment key. To solve collusion attacks, rules of private key has been set and coefficient matrix has been added to CPK in the identification key’s generation process. Finally, it was presented that a mobile Internet identity authentication system based on improved CPK, which includes design and implementation in detail, in this paper. The system verifies the feasibility of the improved CPK. |
PDF Full Text Request