A Multi-Factor Authentication Scheme Under the SM9 Algorithm Framework
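Summary: Wireless sensor technology uses open wireless channels and has limited storage and computing resources, which makes it vulnerable to potential active attacks (such as tampering) and passive attacks (such as eavesdropping). Identity authentication is the first line of defense for the security of information systems, and how to design multi-factor authentication schemes for wireless sensor devices is currently a hot topic in security protocol research. At present, most identity authentication schemes are designed on the basis of foreign cryptographic standards, which does not conform to the cyberspace security development strategy of keeping national core technologies autonomous and controllable. The commercial cryptography SM9 identity-based cryptographic algorithm is a Chinese cryptographic standard that has been standardized by ISO/IEC and is widely used. Therefore, this paper studies how to combine passwords, biometrics, and smart cards to design a multi-factor identity authentication scheme under the framework of the SM9 identity-based cryptographic algorithm, and uses the fuzzy verifier technique and the honeyword method to strengthen password security. The paper proves the security of the scheme in the Random Oracle Model (ROM) and gives a heuristic security analysis. Comparison with related identity authentication schemes shows that the proposed scheme provides security while remaining suitable for resource-constrained wireless sensor networks.

Abstract: Wireless sensor networks use public wireless channels and have limited storage and computing resources, making them vulnerable to active and passive attacks. Identity authentication is the first line of defense for information system security, and how to design multi-factor authentication schemes for wireless sensor devices is currently a hot topic. Most existing schemes are based on foreign cryptographic standards that do not comply with the autonomous and controllable cyberspace security development strategy. SM9 is an identity-based cryptographic algorithm that has recently become a Chinese cryptographic standard. Therefore, this paper focuses on how to combine passwords, biometrics, and smart cards to design a multi-factor authentication scheme for wireless sensor networks under the SM9 framework. The proposed scheme applies the fuzzy verifier technique and the honeyword method to resist password guessing attacks, and further supports session key negotiation and password update. Its security is proved in the Random Oracle Model (ROM), and a heuristic security analysis is also provided. The comparison results show that the proposed scheme can be deployed in wireless sensor networks.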
Table 1 Comparison of the schemes' adversary models and system evaluation criteria (Adv. 1–6: adversary model items; Eval. 1–12: system evaluation criteria)

| Reference | Adv. 1 | Adv. 2 | Adv. 3 | Adv. 4 | Adv. 5 | Adv. 6 | Eval. 1 | Eval. 2 | Eval. 3 | Eval. 4 | Eval. 5 | Eval. 6 | Eval. 7 | Eval. 8 | Eval. 9 | Eval. 10 | Eval. 11 | Eval. 12 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| [22] | √ | √ | √ | × | × | √ | √ | × | √ | √ | × | √ | √ | √ | √ | √ | √ | √ |
| [23] | √ | √ | √ | × | × | √ | √ | √ | √ | × | × | √ | √ | √ | √ | √ | × | × |
| [24] | √ | √ | √ | √ | × | √ | √ | × | √ | √ | × | √ | √ | × | √ | √ | × | √ |
| [25] | √ | √ | √ | × | × | √ | √ | × | √ | √ | × | √ | √ | √ | √ | √ | √ | × |
| [26] | √ | √ | √ | √ | × | √ | √ | √ | √ | √ | × | √ | √ | √ | √ | √ | √ | √ |
| [27] | √ | √ | √ | × | × | √ | √ | × | √ | √ | × | √ | √ | × | √ | √ | × | × |
| [28] | √ | √ | √ | × | × | √ | √ | × | √ | √ | × | √ | √ | √ | √ | √ | √ | × |
| [29] | √ | √ | √ | × | √ | √ | √ | × | √ | √ | × | √ | √ | × | √ | √ | × | × |
| [30] | √ | √ | √ | √ | × | √ | √ | × | √ | √ | × | √ | √ | √ | √ | √ | × | × |
| [3] | √ | √ | × | √ | √ | √ | √ | × | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |
| MFAS-SM9 | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ | √ |

Here, "√" indicates that the condition is satisfied; "×" indicates that it is not satisfied.

Table 2 Comparison of the schemes' computation overhead

| Reference | User | Authentication gateway | Sensor node |
|---|---|---|---|
| [22] | $4T_{\mathrm{H}}+6T_{\mathrm{C}}+4T_{\mathrm{M}}+2T_{\mathrm{P}}$ | $5T_{\mathrm{H}}+4T_{\mathrm{M}}+3T_{\mathrm{E}}+4T_{\mathrm{P}}$ | $9T_{\mathrm{H}}+2T_{\mathrm{M}}+7T_{\mathrm{E}}+4T_{\mathrm{P}}$ |
| [23] | $21T_{\mathrm{H}}+2T_{\mathrm{C}}+4T_{\mathrm{M}}+2T_{\mathrm{s}}+2T_{\mathrm{P}}$ | $13T_{\mathrm{H}}+6T_{\mathrm{c}}+4T_{\mathrm{M}}+6T_{\mathrm{S}}+2T_{\mathrm{P}}$ | $6T_{\mathrm{H}}+2T_{\mathrm{M}}+2T_{\mathrm{S}}+2T_{\mathrm{P}}$ |
| [24] | $5T_{\mathrm{H}}+11T_{\mathrm{C}}+2T_{\mathrm{M}}+2T_{\mathrm{s}}$ | ─ | $7T_{\mathrm{H}}+12T_{\mathrm{C}}+4T_{\mathrm{M}}+2T_{\mathrm{s}}+4T_{\mathrm{P}}$ |
| [25] | $T_{\mathrm{H}}+3T_{\mathrm{E}}+T_{\mathrm{P}}$ | ─ | $T_{\mathrm{H}}+2T_{\mathrm{E}}+T_{\mathrm{M}}+T_{\mathrm{P}}$ |
| [26] | $2T_{\mathrm{H}}+4T_{\mathrm{E}}+19T_{\mathrm{C}}+2T_{\mathrm{P}}$ | $2T_{\mathrm{H}}+5T_{\mathrm{E}}+14T_{\mathrm{C}}+5T_{\mathrm{P}}$ | $T_{\mathrm{H}}+4T_{\mathrm{E}}+4T_{\mathrm{C}}$ |
| [27] | $8T_{\mathrm{H}}+2T_{\mathrm{E}}+9T_{\mathrm{C}}+4T_{\mathrm{M}}+2T_{\mathrm{s}}+3T_{\mathrm{P}}$ | ─ | $7T_{\mathrm{H}}+2T_{\mathrm{E}}+4T_{\mathrm{C}}+4T_{\mathrm{M}}+2T_{\mathrm{s}}+4T_{\mathrm{P}}$ |
| [28] | $6T_{\mathrm{H}}+4T_{\mathrm{E}}+3T_{\mathrm{C}}+T_{\mathrm{S}}$ | ─ | $3T_{\mathrm{H}}+4T_{\mathrm{E}}+2T_{\mathrm{C}}+T_{\mathrm{S}}+T_{\mathrm{P}}$ |
| [29] | $12T_{\mathrm{H}}+4T_{\mathrm{C}}$ | $18T_{\mathrm{H}}+5T_{\mathrm{C}}$ | $7T_{\mathrm{H}}+2T_{\mathrm{C}}$ |
| [30] | $2T_{\mathrm{H}}+2T_{\mathrm{B}}+T_{\mathrm{C}}+4T_{\mathrm{E}}+6T_{\mathrm{PRF}}+T_{\mathrm{S}}+T_{\mathrm{Sig}}$ | ─ | $2T_{\mathrm{H}}+3T_{\mathrm{C}}+5T_{\mathrm{E}}+6T_{\mathrm{PRF}}+T_{\mathrm{S}}+2T_{\mathrm{Sig}}$ |
| [3] | $17T_{\mathrm{H}}+2T_{\mathrm{B}}+3T_{\mathrm{C}}$ | $15T_{\mathrm{H}}+T_{\mathrm{C}}$ | $4T_{\mathrm{H}}+2T_{\mathrm{C}}$ |
| MFAS-SM9 | $12T_{\mathrm{H}}+4T_{\mathrm{C}}+2T_{\mathrm{E}}+2T_{\mathrm{P}}$ | $6T_{\mathrm{H}}+3T_{\mathrm{C}}+2T_{\mathrm{E}}+T_{\mathrm{P}}$ | $7T_{\mathrm{H}}+5T_{\mathrm{C}}+2T_{\mathrm{E}}+2T_{\mathrm{P}}$ |

Table 3 Comparison of the schemes' communication overhead

| Reference | User | Authentication gateway | Sensor node |
|---|---|---|---|
| [22] | $\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+5\lvert\mathbb{G}_{\mathrm{T}}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ | $4\lvert\mathbb{G}_{1}\rvert+3\lvert\mathbb{G}_{2}\rvert+6\lvert\mathbb{G}_{\mathrm{T}}\rvert+6\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+3\lvert\mathbb{G}_{\mathrm{T}}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [23] | $\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+\lvert\mathbb{G}_{\mathrm{T}}\rvert+6\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+2\lvert\mathbb{G}_{\mathrm{T}}\rvert+15\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{\mathrm{T}}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [24] | $2\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ | ─ | $2\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+2\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [25] | $\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ | ─ | $2\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [26] | $5\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+4\lvert\mathbb{Z}_{p}^{*}\rvert$ | $4\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{G}_{2}\rvert+8\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [27] | $3\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ | ─ | $\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [28] | $2\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ | ─ | $\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{G}_{2}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [29] | $2\lvert\mathbb{G}_{1}\rvert+9\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+13\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+10\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [30] | $2\lvert\mathbb{G}_{1}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ | ─ | $\lvert\mathbb{G}_{1}\rvert+4\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| [3] | $2\lvert\mathbb{G}_{1}\rvert+5\lvert\mathbb{Z}_{p}^{*}\rvert$ | $2\lvert\mathbb{G}_{1}\rvert+8\lvert\mathbb{Z}_{p}^{*}\rvert$ | $\lvert\mathbb{G}_{1}\rvert+\lvert\mathbb{Z}_{p}^{*}\rvert$ |
| MFAS-SM9 | $2\lvert\mathbb{G}_{1}\rvert+3\lvert\mathbb{Z}_{p}^{*}\rvert$ | $2\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{Z}_{p}^{*}\rvert$ | $2\lvert\mathbb{G}_{1}\rvert+2\lvert\mathbb{Z}_{p}^{*}\rvert$ |

[1] LI Wenting, WANG Ding, and WANG Ping. Insider attacks against multi-factor authentication protocols for wireless sensor networks[J]. Journal of Software, 2019, 30(8): 2375–2391. doi: 10.13328/j.cnki.jos.005766.
[2] SON S, LEE J, PARK Y, et al. Design of blockchain-based lightweight V2I handover authentication protocol for VANET[J]. IEEE Transactions on Network Science and Engineering, 2022, 9(3): 1346–1358. doi: 10.1109/TNSE.2022.3142287.
[3] WANG Chenyu, WANG Ding, WANG Feifei, et al. Multi-factor user authentication scheme for multi-gateway wireless sensor networks[J]. Chinese Journal of Computers, 2020, 43(4): 683–700. doi: 10.11897/SP.J.1016.2020.00683.
[4] WANG Ding, WANG Ping, and LEI Ming. Cryptanalysis and improvement of gateway-oriented password authenticated key exchange protocol based on RSA[J]. Acta Electronica Sinica, 2015, 43(1): 176–184. doi: 10.3969/j.issn.0372-2112.2015.01.028.
[5] YU S and PARK Y. A robust authentication protocol for wireless medical sensor networks using blockchain and physically unclonable functions[J]. IEEE Internet of Things Journal, 2022, 9(20): 20214–20228. doi: 10.1109/JIOT.2022.3171791.
[6] WATRO R, KONG D, CUTI S F, et al. TinyPK: Securing sensor networks with public key technology[C]. Proceedings of the 2nd ACM Workshop on Security of Ad Hoc and Sensor Networks, Washington, USA, 2004: 59–64. doi: 10.1145/1029102.1029113.
[7] DAS M L. Two-factor user authentication in wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2009, 8(3): 1086–1090. doi: 10.1109/TWC.2008.080128.
[8] HUANG Huifeng, CHANG Yafen, and LIU Chunhung. Enhancement of two-factor user authentication in wireless sensor networks[C]. Sixth International Conference on Intelligent Information Hiding and Multimedia Signal Processing, Darmstadt, Germany, 2010: 27–30. doi: 10.1109/IIHMSP.2010.14.
[9] WANG Ding and WANG Ping. On the anonymity of two-factor authentication schemes for wireless sensor networks: Attacks, principle and solutions[J]. Computer Networks, 2014, 73: 41–57. doi: 10.1016/j.comnet.2014.07.010.
[10] SADRI M J and ASAAR M R. An anonymous two-factor authentication protocol for IoT-based applications[J]. Computer Networks, 2021, 199: 108460. doi: 10.1016/j.comnet.2021.108460.
[11] ALLADI T, CHAMOLA V, and NAREN N. HARCI: A two-way authentication protocol for three entity healthcare IoT networks[J]. IEEE Journal on Selected Areas in Communications, 2021, 39(2): 361–369. doi: 10.1109/JSAC.2020.3020605.
[12] JIANG Jingwei, WANG Ding, ZHANG Guoyin, et al. Quantum-resistant password-based threshold single-sign-on authentication with updatable server private key[C]. 27th European Symposium on Research in Computer Security, Copenhagen, Denmark, 2022: 295–316. doi: 10.1007/978-3-031-17146-8_15.
[13] WANG Qingxuan, WANG Ding, CHENG Chi, et al. Quantum2FA: Efficient quantum-resistant two-factor authentication scheme for mobile devices[J]. IEEE Transactions on Dependable and Secure Computing, 2023, 20(1): 193–208. doi: 10.1109/TDSC.2021.3129512.
[14] WANG Ding and WANG Ping. Two birds with one stone: Two-factor authentication with security beyond conventional bound[J]. IEEE Transactions on Dependable and Secure Computing, 2018, 15(4): 708–722. doi: 10.1109/TDSC.2016.2605087.
[15] WANG Qingxuan and WANG Ding. Understanding failures in security proofs of multi-factor authentication for mobile devices[J]. IEEE Transactions on Information Forensics and Security, 2023, 18: 597–612. doi: 10.1109/TIFS.2022.3227753.
[16] CHENG Zhaohui. Security analysis of SM9 key agreement and encryption[C]. 14th International Conference on Information Security and Cryptology, Fuzhou, China, 2019: 3–25. doi: 10.1007/978-3-030-14234-6_1.
[17] LAI Jianchang, HUANG Xinyi, HE Debiao, et al. Security analysis of SM9 digital signature and key encapsulation[J]. SCIENTIA SINICA Informationis, 2021, 51(11): 1900–1913. doi: 10.1360/SSI-2021-0049.
[18] LAI Jianchang, HUANG Xinyi, HE Debiao, et al. Provably secure online/offline identity-based signature scheme based on SM9[J]. The Computer Journal, 2022, 65(7): 1692–1701. doi: 10.1093/comjnl/bxab009.
[19] LAI Jianchang, HUANG Xinyi, HE Debiao, et al. CCA secure broadcast encryption based on SM9[J]. Journal of Software, 2023, 34(7): 3354–3364. doi: 10.13328/j.cnki.jos.006531.
[20] LI Nan, GUO Fuchun, MU Yi, et al. Fuzzy extractors for biometric identification[C]. 37th International Conference on Distributed Computing Systems, Atlanta, USA, 2017: 667–677. doi: 10.1109/ICDCS.2017.107.
[21] BELLARE M, POINTCHEVAL D, and ROGAWAY P. Authenticated key exchange secure against dictionary attacks[C]. International Conference on the Theory and Application of Cryptographic Techniques, Bruges, Belgium, 2000: 139–155. doi: 10.1007/3-540-45539-6_11.
[22] LYU Qiuyun, LI Hao, DENG Zhining, et al. A2UA: An auditable anonymous user authentication protocol based on blockchain for cloud services[J]. IEEE Transactions on Cloud Computing, 2023, 11(3): 2546–2561. doi: 10.1109/TCC.2022.3216580.
[23] ZHOU Quan, TANG Chunming, ZHEN Xianghan, et al. A secure user authentication protocol for sensor network in data capturing[J]. Journal of Cloud Computing, 2015, 4(1): 6. doi: 10.1186/s13677-015-0030-z.
[24] AZEES M, VIJAYAKUMAR P, KARUPPIAH M, et al. An efficient anonymous authentication and confidentiality preservation schemes for secure communications in wireless body area networks[J]. Wireless Networks, 2021, 27(3): 2119–2130. doi: 10.1007/s11276-021-02560-y.
[25] VIJAYAKUMAR P, AZEES M, KOZLOV S A, et al. An anonymous batch authentication and key exchange protocols for 6G enabled VANETs[J]. IEEE Transactions on Intelligent Transportation Systems, 2022, 23(2): 1630–1638. doi: 10.1109/TITS.2021.3099488.
[26] YANG Qingyou, XUE Kaiping, XU Jie, et al. AnFRA: Anonymous and fast roaming authentication for space information network[J]. IEEE Transactions on Information Forensics and Security, 2019, 14(2): 486–497. doi: 10.1109/TIFS.2018.2854740.
[27] ARFAOUI A, BOUDIA O R M, KRIBÈCHE A, et al. Context-aware access control and anonymous authentication in WBAN[J]. Computers & Security, 2020, 88: 101496. doi: 10.1016/j.cose.2019.03.017.
[28] ODELU V, SAHA S, PRASATH R, et al. Efficient privacy preserving device authentication in WBANs for industrial e-health applications[J]. Computers & Security, 2019, 83: 300–312. doi: 10.1016/j.cose.2019.03.002.
[29] VIJAYAKUMAR P, OBAIDAT M S, AZEES M, et al. Efficient and secure anonymous authentication with location privacy for IoT-based WBANs[J]. IEEE Transactions on Industrial Informatics, 2020, 16(4): 2603–2611. doi: 10.1109/TII.2019.2925071.
[30] WEI Fushan, ZHANG Gang, MA Jianfeng, et al. Privacy-preserving multi-factor key exchange protocol in the standard model[J]. Journal of Software, 2016, 27(6): 1511–1522. doi: 10.13328/j.cnki.jos.005001.