位置:成果数据库 > 期刊 > 期刊详情页
一种匿名口令鉴别构件系统
  • ISSN号:1003-3254
  • 期刊名称:《计算机系统应用》
  • 分类:TP309[自动化与计算机技术—计算机系统结构;自动化与计算机技术—计算机科学与技术]
  • 作者机构:[1]中国科学院大学,北京100190, [2]中国科学院软件研究所,北京100190
  • 相关基金:国家自然科学基金(61472409,61303247);国家自然科学基金重点项目(91118006); 国家高技术研究发展计划(863)(2012AA01A403); 国家重点基础研究计划(973)(2013CB338003)
中文摘要:

作为隐私保护的重要手段,匿名鉴别机制引起了各界的广泛关注,口令鉴别作为应用最广泛的鉴别方式,研究设计仅依赖于口令的匿名鉴别系统具有重要意义.在此背景下,国际标准化组织ISO/IEC JTC1/SC27启动了ISO/IEC20009-4标准项目,专门针对基于口令的匿名鉴别机制开展标准化工作,目前收录了三种匿名口令鉴别协议.本文基于该标准中的SKI协议研究设计了一种匿名口令鉴别构件系统,同时系统可支持标准中收录的其它两种协议.本文针对该构件系统的安全性、匿名性以及性能方面进行了系统的分析设计,从系统初始化、匿名分组构建到标准协议执行等各环节进行了安全保护,填补了标准本身到实际应用的差距.本文主要解决了SKI协议应用时面临的安全及效率问题,包括:协议中"公告板信息不一致"将导致合法用户认证失败、群组公告信息的"首次请求"面临超长等待延时等问题.构件系统通过引入"双重公告信息"、"请求绑定会话"、"Cache机制"等多种手段解决了上述问题.最后,我们对匿名口令鉴别构件系统的性能进行了实验分析.目前尚未见国内外同类系统被提出.

英文摘要:

Anonymous authentication has attracted widespread attention of the public as an important means of privacy protection. It is significant to achieve anonymous mechanism based on password which is the most common method of user authentication and remains very widely used in cyberspace. In this scenario, ISO/IEC JTC1/SC27 launched the project of ISO/IEC20009-4 to prepare the standards for PAEA(password-based anonymous entity authentication) mechanisms. There are 3 kinds of protocols for PAEA specified in the ISO/IEC2009-4. This paper designs and specifies a kind of anonymous password entity-authentication component system based on the SKI mechanism, which is one of three kinds of protocols for PAEA in ISO/IEC20009-4. And the system can support the other two protocols at the same time. We analyze the security, anonymity and performance of the system and enhance the security of the processes of system initialization, construction of anonymous group and execution of the protocol. Our work has closed the gap between the theory and the application of the mechanisms. In this paper, we mainly solve the security and performance problems of SKI mechanism when SKI is applied in practice, including "Inconformity of Bulletin Information" which will lead to failure in authentication and the long latency of the "First Query" of a group's public bulletin information etc. And we solve all of them by introducing the solutions of "Dual Bulletin Information Scheme", "Cache System", "Query-Bound-Session Mechanism", etc. At last, we analyzethe performance of the system by do the testing experiences. For now, no domestic and foreign similar systems have been proposed.

同期刊论文项目
期刊论文 56 会议论文 49 著作 1
同项目期刊论文
期刊信息
  • 《计算机系统应用》
  • 中国科技核心期刊
  • 主管单位:中国科学院
  • 主办单位:中国科学院软件研究所
  • 主编:苏振泽
  • 地址:北京8718信箱
  • 邮编:100190
  • 邮箱:csa@iscas.ac.cn
  • 电话:010-62661041
  • 国际标准刊号:ISSN:1003-3254
  • 国内统一刊号:ISSN:11-2854/TP
  • 邮发代号:82-558
  • 获奖情况:
  • 国内外数据库收录:
  • 波兰哥白尼索引,美国剑桥科学文摘,中国中国科技核心期刊,中国北大核心期刊(2000版)
  • 被引量:15201