Research On The Protocol Of Authentication And Key Agreement Based On Mobile Storage

In an information era whose core is network,the Internet has become the main channel for transmitting information and sharing resource,which has a major impact on the national economy and social life.The universality and openness of the network enables more and more devices to access the Internet,providing people with abundant information and convenient services.However,just as every coin has two sides,the widespread applications of the Internet has brought many new threats to the security of information as well.In a network environment,ensuring the secure communication between session participants has become an important factor for maintaining the stable growing of the network.Authentication and key agreement protocol is an significant mechanism for solving the secure trouble,which enables participants to authenticate each other and generate a shared key to protect later communication.Traditional authentication and key agreement protocols only based on users' password.Such protocols always subject to attackers' drag-and-drop attacks,password guessing attacks,impersonation attacks,man-in-the-middle attacks,etc.Soon afterwards,to enhance the robustness of the protocol,storage technology is applied when designing protocols,forming a new species named authentication and key agreement protocol based on mobile storage.These protocols utilize the storage capacity of the device to obtain additional authentication parameters through registration,which greatly improve the ability for resisting attacks.In this paper,authentication and key agreement protocols based on mobile storage are deeply studied,and efficient and secure protocols are proposed for three different emerging scenarios,respectively.The protocol for wireless body area network scenario is realized by the XOR operation and hash function method;the protocol for telemedicine scenario is realized by the elliptic curve cryptography method;and the protocol for vehicular ad-hoc network scenario is implemented by the Diffie-Hellman algorithm.When comes to security analysis,attackers' perspective is adopted to simulate attacks.Moreover,formal proof,for example,BAN logic,automated cryptographic analysis tool or random oracle model,is used to prove the achievement of the intended purposes.In the performance analysis,by comparing with other relevant protocols in security characteristics,calculation and storage costs,we can find that these protocols proposed in this paper perform better.