摘要
针对企业信息管理系统的安全性问题,提出一种基于椭圆曲线加密(ECC)的安全认证方案。首先,利用低计算复杂度的Montgomery型椭圆曲线对密钥进行加密。然后,通过服务器和用户之间的相互认证来保证访问安全。同时通过随机数机制确保每次认证的参数信息动态变化,以此提供匿名性和前向安全性。性能分析表明,该方案能够抵抗重放、用户伪装、服务器欺骗等攻击,具有较高的安全性能,且具有较低的资源开销。
For the issues that the security of enterprise information management system, a secure authentication scheme based on Elliptic Curve Cryptography(ECC) is proposed. Firstly, the key is encrypted by the Montgomery elliptic curve which with low computational complexity. Then, the mutual authentication between the server and the user is used to ensure access to security. At the same time, the random number mechanism is used to ensure the dynamic change of the parameter information in each authentication, so as to provide anonymity and forward security. Performance analysis shows that the proposed scheme can resist the attacks such as replay, user's disguise and server's deception, which has high security and low resource cost.
作者
赵国军
吴维军
ZHA O Guo-jun;WU Wei-jun(Liaoning Equipment Manufacture College of Vocational Technology,Shenyangl 10161,China)
出处
《控制工程》
CSCD
北大核心
2018年第7期1262-1266,共5页
Control Engineering of China
基金
2016年中国物流学会教改教研究基金项目(No.JZW2016129)
关键词
企业信息管理系统
安全认证
椭圆曲线加密
相互认证
Enterprise information management system
Security authentication
Elliptic Curve Cryptography
Mutual authentication
