Research On Anonymous Authentication Mechanism For Multi-server Environment

With the rapid development and extensive application of network, the demand for network services in a multi-server environment is growing rapidly. However the security issue in multi-server environment has become an important factor restricting the further development of network services and applications. And the identity authentication as the first security indemnification of multi-server services is particularly important. Furthermore, users worry about their privacy when they use network services in multi-server environment. Therefore, the research and the establishment of an anonymous authentication mechanism in multi-server environment are necessary and urgent.In this thesis, an anonymous authentication mechanism is studied in multi-server environment. The main work shows as follows:Ravi et al.'s authentication scheme is analyzed in multi-server environment, and the existing shortcomings are showed in their scheme, such as their scheme can not resist Denial of Service(Do S) and Smart card breach attack, and fully realize anonymous authentication. To overcome the shortcomings, an improved scheme is proposed based on their scheme. The improved scheme enables users to access multiple servers only needing to register once, and the server does not need to store any user information. Moreover, the improved scheme achieves full anonymous authentication by using the random masking technique. The analysis of security shows that the improved scheme can not only achieve the security of Ravi et al.'s scheme, but also resist denial of service attacks and smart card attacks, thus overcomes the shortcomings of Ravi et al.'s scheme. The effectiveness of the improved scheme is proved by using BAN logic. The analysis of performance shows that the improved scheme is lower than Ravi et al.'s scheme in terms of calculation cost and communication cost.A multi-server environment is simulated by using Docker container virtual technology, and an anonymous authentication system is constructed based on the improved scheme in this environment. The results of the simulation show that the improved scheme is correct and feasible.