Research On Two Factor Security Authentication Scheme On Lattice

With the continuous improvement of the development level of the Internet,today’s society has entered the information age.Diversified channels of information transmission not only make our life more efficient and intelligent,but also constantly improve our security awareness,especially make us pay more attention to personal network data security.As the first line of defense to protect network information security,identity authentication is the process in which network entities confirm each other’s identity through information interaction,which can effectively maintain the confidentiality,integrity and authentication of data transmission in the network system.The traditional identity authentication mechanism completes the authentication through the single-factor method of username/password,which has gradually been unable to adapt to the needs of the new security situation.Two-factor authentication verifies the identity of network entities and establishes a shared session key by using two means or factors,which realizes secure communications over open channels.This paper studies the two-factor authentication scheme based on smart card from four aspects of identity-concealed,anti-quantum attack,efficiency and application respectively.The research contents are as follows:(1)Aiming at the problem of identity privacy and data security of node access in Internet of Things(Iot)environment,a two-factor authentication scheme of identitybased higncryption is proposed.The scheme realizes the identity concealed of the communicating party through identity-based higncryption,and combines the bilinear pairings to verify whether the communicating party has a valid password and smart card,which ensures only valid communicating party can complete mutual authentication and negotiate secure session keys.Compared with the existing authentication schemes in IoT,the proposed scheme has the security of randomness protection,deniability and identityconcealed,and reduces the number of communication rounds and the execution times of time-consuming cryptographic operations.In addition,the scheme has the advantages of high communication and computing efficiency,and it is suitable for the IoT environment where computing performance is limited.(2)To solve the existing smart-card based password authentication schemes whose cannot resist malicious card reader attacks and quantum attacks,this paper proposes a two-factor authentication scheme based on the Learning With Errors(LWE)problem.The scheme utilizes an approximate smooth projective hash function(ASPH)and a splitable public-key encryption mechanism,then combines password and smart card to complete dual identity authentication and session key negotiation between user and server.During the execution of the scheme,the smart card does not need to store the information related to the user’s password,and its validity is directly verified by the server,which can effectively resist malicious card reader attacks.The analysis shows that compared with the two-factor authentication scheme based on the classical number theoretical hard problem,the proposed scheme has higher security and can resist quantum attacks.Compared with the password authentication scheme based on hard problems in lattice,the proposed scheme is more resistant to the online dictionary attack and has high execution efficiency.(3)In order to solve the security and ease-of-use of customer login in the bank payment system,this paper applies the two-factor authentication scheme based on smart card on lattices to the bank payment system.The system introduces a trusted third party to handle the transaction contradiction,using password and smart card to confirm the real identity of the transaction party.The system combines a splitable public-key encryption mechanism and its corresponding approximate smooth projection hash function to complete the safe transmission of data,so as to truly realize safe and effective online transactions.In addition,the two-factor authentication scheme based on LWE is suitable for different network transaction scenarios,which makes the system have the characteristics of resisting quantum attack,strong flexibility.And the communication overhead and computational efficiency of the system can also meet the actual application requirements.