Research On Identity Authentication Protocol In Multi-Server Environment

With the rapid development of mobile communication technology and the gradual improvement of the degree of social informatization,which is facilitating our lives to the greatest extent,the ensuing network information security issues also continue to threaten the privacy and security of information in our communication process.The identity authentication key agreement protocol designed on the basis of cryptography is one of the important means to ensure network information security,which can also enable users to safely enjoy the convenience brought by network services.The mainline of this article is the secure identity authentication protocol in a multi-server environment.And this thesis studies two kinds of identity authentication key agreement protocol with the traditional multi-server environment and the wireless sensor network environment as the background which are based on different security factors.The work of this thesis is summarized as follows:(1)Aiming at the traditional multi-server environment,the two-factor authentication protocol proposed by Lu et al.is studied,and it is found that Lu's scheme has potential security risks that cannot resist user masquerading attacks,server masquerading attacks,and offline password guessing attacks.To overcome the security problems of the Lu's scheme,password and fuzzy verifier are introduced to design a lightweight identity authentication protocol based on dynamic ID.First,the informal analysis,BAN logic analysis,random oracle model analysis and AVISPA experimental simulation analysis show that this scheme can resist various common attacks.Then the performance comparison shows that this scheme has more complete security properties and lower communication overhead,while the calculation overhead is moderate.Therefore,this protocol meets the needs of the traditional multi-server environment.(2)Aiming at the wireless sensor network environment,due to the limited resource of sensor nodes,high security and low load requirements are put forward for the identity authentication protocol.Based on the traditional multi-factor identity authentication protocol,bio-fuzzy extraction technology,which introduces biometric value as the security factor of the identity authentication protocol,and the semigroup attribute of the Chebyshev polynomial are applied to designing a multi-factor identity authentication protocol.First,the informal analysis,BAN logic analysis,random oracle model analysis and AVISPA experimental simulation analysis show that this scheme can resist various common attacks.Then the performance comparison shows that this protocol has better security performance and lower computational and communication overhead.Therefore,this protocol meets the requirements of high security and low load in the wireless sensor network environment.