Research On Identity Authentication And Key Consensus Scheme In Cloud Service Environment

Information encryption is an important part of computer network security research,and the key is a variable part of encryption algorithm,which largely determines the security of secure communication.Therefore,how to achieve the session key while confirming the identity of the other party becomes the key to ensure information security.In order to determine the identity of the other party and achieve session key,identity authentication and key consensus protocol must be used.Although there are many identity authentication and key agreement protocols,there are some security problems in some protocols.The traditional single server can not satisfy the large-scale access of multi-users.In order to solve this problem,people put forward a multi-cloud server authentication scheme.Firstly,this paper introduces the research background of identity authentication and key consensus scheme,the research status al home and abroad,and then introduces the relevant basic knowledge.It includes group theory,finite fields,HASH functions and basic knowledge of cryptography.Then,the identity authentication and key consensus schemes of Kumari and Li are an alyzed.It is found that the scheme can not resist replay attack.At the same time,there are obvious loopholes and design defects in the mutual authentication stage of the scheme,which lead to users and servers unable to authenticate each other.Therefore,we pointed out the shortcomings of the scheme,and on this basis,we put forward our own improved new scheme.The improved scheme can not only resist replay attack,common internal attack and off-line password guessing attack,but also enable users and servers to authenticate effectively.The identity authentication and key agreement schemes of Ruhul Amin and Neeraj are studied.It is found that the attacker may impersonate the user attack when the smart card is lost.At the same time,the scheme has a lot of parameters,which leads to a large amount of computation and low communication efficiency when users and servers authenticate each other.Therefore,we put forward our own improved new scheme.The new scheme can not only resist replay attacks,common internal attacks,off-line password guessing attacks,but also resist counterfeit server attacks,and enable users and servers to carry out effective security authentication.Aiming at the problem that access keys stored in smart cards with third party participation increase linearly with the number of registered clouds,`an authentication scheme based on smart cards in multi-cloud environment is proposed.This scheme realizes the identity authentication between users and multiple cloud servers when the third party participates in authentication and smart card stores a small number of parameters.Instead of using public key cryptography technology,hash function is used to generate authentication information,which effectively reduces the computing costs of smart cards and cloud servers.In addition,the proposed scheme does not need to store any user’s information in the multi-cloud,which reduces the storage and management costs of the cloud server.Security analysis and performance analysis show that the proposed scheme can resist multiple attacks.