Research On Identity Authentication Protocol Based On Chebyshev Polynomial

The identity authentication is the key technology to ensure the security of information transmission between legitimate entities and ensure the reliable network services for users.It is also an important direction for information security research.In this paper,the identity authentication protocols based on Chebyshev polynomial are studied.Two typical application scenarios,single-server environment and multi-server environment are selected for analysis.The main contributions of this paper are as follows:(1)Aiming at the single-server environment,the three-party password authentication scheme based on Chebyshev polynomial proposed by Xie et al.is studied.It is found that the scheme is vulnerable to internal privileged person attack,password guessing attack and user impersonation attack due to the lack of protection of user identity information,and exists potential security risks.Focusing on the requirements of high security and low load in the wireless communication environment,introducing the quadratic residues for the security problems existing in the Xie's scheme,and combining the semi-group and chaotic characteristics of the Chebyshev polynomial to design a three-party password authentication protocol which is more suitable for the wireless environment.On the one hand,the informal security analysis and formal AVISPA simulation show that the proposed model can resist all kinds of common attacks.On the other hand,the performance comparison shows that the proposed scheme has more security attributes and lower communication overhead than other three-party password authentication protocols based on Chebyshev polynomial,and the computational overhead is moderate.The quadratic residues not only provides users with stronger privacy protection,but also controls economic costs.Therefore,the proposed scheme satisfies the requirements of wireless communication environment.(2)For the multi-server environment,it can be concluded that the identity authentication protocols can be divided into two types:the registration center online and the registration center offline according to whether the registration center participates directly in the authentication process,which are applicable to systems with strict security requirements and higher real-time requirements respectively.Focusing on the analysis of identity authentication protocols in cloud computing environment,it is found that many solutions suitable for traditional multi-server network environment cannot be applied directly in cloud computing environment with high real-time requirements.Therefore,aiming at the characteristics of cloud environment,this paper introduces biometric factors by using the fuzzy extraction technology based on traditional two-factor authentication protocols,and combines the semi-group and chaotic properties of Chebyshev polynomial to design a multi-factor identity authentication protocol.On the one hand,the informal security analysis and formal AVISPA simulation show that the proposed model can resist various common attacks.On the other hand,the performance comparison shows that the proposed model can protect user privacy protection and stronger security attributes than other traditional cryptosystem-based protocols,has reasonable computing and communication overhead.Therefore,the authentication scheme of registration center offline meets the high real-time and security requirements of cloud computing environment.