Computer Engineering and Applications ›› 2020, Vol. 56 ›› Issue (14): 68-73.DOI: 10.3778/j.issn.1002-8331.1904-0328

Previous Articles     Next Articles

Dynamic Password Authentication Protocol for Wireless Body Area Network

DU Mengyao, WANG Zheng, LI Na, QIANG Yan   

  1. 1.College of Information and Computer, Taiyuan University of Technology, Jinzhong, Shanxi 030600, China
    2.State Grid Shanxi Electric Power Company, Taiyuan 030024, China
  • Online:2020-07-15 Published:2020-07-14

适用于无线体域网的动态口令认证协议

杜梦瑶,王峥,李娜,强彦   

  1. 1.太原理工大学 信息与计算机学院,山西 晋中 030600
    2.国网山西省电力公司,太原 030024

Abstract:

Wireless body area network transmits sensitive data highly related to life, and identity authentication is the first line of defense for information security protection. At present, the identity authentication schemes based on human biology information have many problems, such as difficult to extract information, great contingency and error. The authentication schemes based on traditional cryptography are not suitable for wireless body area network environment because of the need for large computational resources and energy consumption. Therefore, based on the dynamic password and asymmetric encryption mechanism, a dynamic password two-way authentication lightweight protocol for wireless body area network is proposed and analyzed formally. Through theoretical proof, SVO logical reasoning and SPIN model detection, it is concluded that this protocol satisfies two-way authentication, and can resist replay attack, impersonation attack, denial of server attack and password offline attack, which has high security.

Key words: wireless body area network, authentication protocol, dynamic password, asymmetric encryption, SVO logic, Simple Promela Interpreter(SPIN)

摘要:

无线体域网中传输的是与生命高度相关的敏感数据,身份认证是信息安全保护的第一道防线。现有的基于人体生物信息的身份认证方案存在信息难提取、偶然性大和误差性大的问题,基于传统密码学的认证方案需较大计算资源和能量消耗,并不适用于无线体域网环境。为此,在动态口令和非对称加密机制基础上,提出一种适用于无线体域网的动态口令双向认证轻量协议,并对其进行形式化分析。通过理论证明、SVO逻辑推理及SPIN模型检测得出:该协议满足双向认证,且能够抵御重放攻击、伪装攻击、拒绝服务器攻击和口令离线攻击,具有较高安全性。

关键词: 无线体域网, 认证协议, 动态口令, 非对称加密, SVO逻辑, SPIN