Research On Authentication And Key Agreement Protocol Based On Smart Card And Password

In the current network or communication system,key agreement protocol has offered a secure network communication guarantee,which means that authenticated key agreement is the first line of defense of network information security.It provides a variety of security services to exchange information with multiple parties engaging in the contract.The key distribution,ID authentication and information exchange of communication objects can also be realized.It combines authentication technology with key agreement technology to realize secure network communication.Especially in the research and development of password and smart card authentication high level negotiation protocol,users can store pure information and realize the secure communication of network communication effectively,multi-user games and sharing tools.Authenticated key agreement technology can not only ensure that the system can identify the user's real identity and prevent malicious attacks from illegal users,but also establish a common session key for future communication on the public channel.Therefore,many scholars linked the research of key agreement protocol in the environment of Internet of things,Internet of vehicles,smart card and so on,which guarantees the safe transmission of information in the environment of Internet of things,smart card and so on.However,we still can not ignore the various means of malicious attackers,such as the middle-man attack.secret key leakage camouflage attack,and the attacker's tracking and attack on the authentication process,all of which have the risks of letting the user's secret information be stolen.For example,in the anonymous authentication secret key agreement protocol(AKA)scheme based on Smart Card,when smart card lost,there is no way to defend against the adversary's offline dictionary attack.In view of these situations,we have carried out the research and improvement of key agreement protocol.1.This paper improves a password based authenticated key agreement scheme.The scheme allows users to modify their own passwords,but also can achieve mutual authentication,defense offline password guessing and replay means.The security proof of the scheme can be reduced to the Diffie–Hellman(D-H)problem on elliptic curve.The verification table of the system stores the ciphertext encrypted by the base point on the elliptic curve to resist the attack of stealing the verification table.2.In this paper,an improved authenticated key agreement scheme based on smart card is proposed.This scheme can not only solve the security problem after the smart card is stolen and the offline password guessing attack,but also has the advantages of small amount of calculation,high efficiency and strong practicability.Users can change the password without interacting with the server.3.After combining the smart card with the improved password based on authenticated key agreement protocol,and the security is proved in the improved model.Through the analysis and comparison of the security and efficiency of the protocol,the security and reliability of the improved protocol are further improved,and the efficiency is also higher.In real life,the application environment of smart card will be more reliable and convenient.