並列摘要
Traditional password-based user authentication protocols authenticate the legitimacy of the user by checking his valid password and identity. However, the password is either a long meaningless string, which is difficult for user to memorize, or a short easily-memorized password, which is easily suffered from password guessing attacks. Some user authentication protocols with three factors are recently proposed to achieve higher security and better user friendliness. Legitimacy of the user is authenticated by a smart card, user's biometric characteristics, and a password. We proposed a new user authentication protocol with three factors for multi-server environments based on protocol of Fan et al. which is designed for single server. It allows the user to register and login several servers by memorizing only one password. This protocol is secure against some potential attacks and impersonation attack plotted by any malicious server manager.
延伸閱讀
- NGUYEN, N. T. (2018). 針對公開通訊網路之不可追蹤的多因子認證金鑰協定 [doctoral dissertation, Feng Chia University]. Airiti Library. https://doi.org/10.6341/fcu.P0047951
- Shiau, S. H. (2007). 適用於多伺服系統的高效率具鑑別性共同密鑰產生技術之研究 [doctoral dissertation, Tamkang University]. Airiti Library. https://doi.org/10.6846/TKU.2007.00442
- 林尚澐(2019)。結合生物特徵之物聯網安全身分驗證暨金鑰協議方式〔碩士論文,國立臺中科技大學〕。華藝線上圖書館。https://www.airitilibrary.com/Article/Detail?DocID=U0061-2408201914023900
- 許建隆、畢仕誠、呂崇富(2016)。適用於多重伺服器環境之點對點可鑑別金鑰交換協定。資訊安全通訊,22(3),10-27。https://www.airitilibrary.com/Article/Detail?DocID=a0000270-201607-201608090012-201608090012-10-27
- Chen, J. L. (2020). 在物聯網環境下具有輕量化及洩漏存活特性之以身分為基礎的相互認證及金鑰交換協定 [master's thesis, National Changhua University of Education]. Airiti Library. https://www.airitilibrary.com/Article/Detail?DocID=U0035-2712202116052105