| 一体化标识网络中的用户身份认证协议 |
| |
| 引用本文: | 唐建强,刘颖,万明,张宏科.一体化标识网络中的用户身份认证协议[J].北方交通大学学报,2012(2):54-61. |
| |
| 作者姓名: | 唐建强 刘颖 万明 张宏科 |
| |
| 作者单位: | 北京交通大学下一代互联网互联设备国家工程实验室,北京100044 |
| |
| 基金项目: | 新一代宽带无线移动通信网重大专项资助(2011ZX03002-005-03); 中央高校基本科研业务费专项资金资助(2012YJS019 2011JBM016 2011JBM012) |
| |
| 摘 要: | 一体化标识网络解决了传统网络中IP地址二义性问题,是一种基于网络的身份与位置分离体系.本文在一体化标识网络中提出一种用户身份认证协议,基于该协议设计了一种利用数字证书构建的接入标识.这种接入标识唯一的表示一体化标识网络中的终端,实现用户身份信息与终端的绑定.该用户身份认证协议基于Diffie-Hellman密钥交换完成用户到用户真实身份的双向认证,采用谜题机制和无认证状态防止应答方受到DoS攻击.通过C-K安全模型分析用户身份认证协议的安全性,分析表明该协议是会话密钥安全的.
|
| 关 键 词: | 一体化标识网络 接入标识 谜题机制 真实性 |
A user identity authentication protocol under universal identifier-based network |
| |
| TANG Jianqiang,LIU Ying,WAN Ming,ZHANG Hongke.A user identity authentication protocol under universal identifier-based network[J].Journal of Northern Jiaotong University,2012(2):54-61. |
| |
| Authors: | TANG Jianqiang LIU Ying WAN Ming ZHANG Hongke |
| |
| Institution: | (National Engineering Laboratory for Next Generation Internet Interconnection Devices,Beijing Jiaotong University,Beijing 100044,China) |
| |
| Abstract: | Universal identifier-based network is proposed to solve the traditional network IP address ambiguity problems,which has location/identifier separation architecture.In this paper,we propose a user identity authentication protocol(UIAP) and design an access identifier with the digital certificate.This access identifier uniquely identifies a terminal in the universal identifier-based network,and implements the binding of the user identity with the terminal.The UIAP protocol uses Diffie-Hellman key exchange approach to achieve user identity bidirectional authentication,and it applies the puzzle mechanism and the stateless authentication to protect a receiver from DoS attack.The analysis of the security of the protocol proves that the method satisfies the session key security requirements defined in the C-K model. |
| |
| Keywords: | universal identifier-based network access identifier puzzle mechanism authenticity |
| 本文献已被 维普 等数据库收录! |
