云环境下基于密码学的SQRL认证协议轻量级版本

2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI) Pub Date : 2018-05-17 DOI:10.1109/SACI.2018.8440957

Iulian Aciobanitei, Iulian Catalin Buhus, Mihai-Lica Pura

{"title":"云环境下基于密码学的SQRL认证协议轻量级版本","authors":"Iulian Aciobanitei, Iulian Catalin Buhus, Mihai-Lica Pura","doi":"10.1109/SACI.2018.8440957","DOIUrl":null,"url":null,"abstract":"The most used authentication method is based on usernames and passwords. But this is also one of the weakest. As the two values are static, anyone who finds them can impersonate the authentic user. Over the years several new authentications principles have been proposed, such as two factor authentication based on One Time Passwords, but they have failed to gain a broad acceptance. A special kind of propositions are the authentication protocols using QR codes, from which SQRL is the most famous. From the point of view of authentication this protocol accomplishes its goals, allowing the user to authenticate to any system implementing the scheme without physical interaction except with the users smart phone which is a trustworthy device. But implementing the protocol is not exactly easy. This paper proposes a new version of SQRL that uses cloud cryptography for the needed cryptographic operations thus providing a simple and natural answer to all the hard question raised by practical implementations and without eliminating any advantages of the oriainal protocol.","PeriodicalId":126087,"journal":{"name":"2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI)","volume":"147 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Lightweight Version of SQRL Authentication Protocol Based on Cryptography in the Cloud\",\"authors\":\"Iulian Aciobanitei, Iulian Catalin Buhus, Mihai-Lica Pura\",\"doi\":\"10.1109/SACI.2018.8440957\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The most used authentication method is based on usernames and passwords. But this is also one of the weakest. As the two values are static, anyone who finds them can impersonate the authentic user. Over the years several new authentications principles have been proposed, such as two factor authentication based on One Time Passwords, but they have failed to gain a broad acceptance. A special kind of propositions are the authentication protocols using QR codes, from which SQRL is the most famous. From the point of view of authentication this protocol accomplishes its goals, allowing the user to authenticate to any system implementing the scheme without physical interaction except with the users smart phone which is a trustworthy device. But implementing the protocol is not exactly easy. This paper proposes a new version of SQRL that uses cloud cryptography for the needed cryptographic operations thus providing a simple and natural answer to all the hard question raised by practical implementations and without eliminating any advantages of the oriainal protocol.\",\"PeriodicalId\":126087,\"journal\":{\"name\":\"2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI)\",\"volume\":\"147 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-05-17\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SACI.2018.8440957\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SACI.2018.8440957","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

最常用的认证方法是基于用户名和密码的认证。但这也是最弱的一个。由于这两个值是静态的，任何发现它们的人都可以冒充真实用户。多年来，已经提出了几种新的身份验证原则，例如基于一次性密码的双因素身份验证，但它们未能获得广泛接受。一类特殊的命题是使用QR码的认证协议，其中SQRL最为著名。从认证的角度来看，该协议实现了它的目标，允许用户在没有物理交互的情况下对任何实现该方案的系统进行认证，除了用户的智能手机是一个值得信赖的设备。但实施该协议并不容易。本文提出了一个新版本的SQRL，它使用云加密进行所需的加密操作，从而为实际实现中提出的所有难题提供了一个简单而自然的答案，并且不会消除原始协议的任何优点。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Lightweight Version of SQRL Authentication Protocol Based on Cryptography in the Cloud

The most used authentication method is based on usernames and passwords. But this is also one of the weakest. As the two values are static, anyone who finds them can impersonate the authentic user. Over the years several new authentications principles have been proposed, such as two factor authentication based on One Time Passwords, but they have failed to gain a broad acceptance. A special kind of propositions are the authentication protocols using QR codes, from which SQRL is the most famous. From the point of view of authentication this protocol accomplishes its goals, allowing the user to authenticate to any system implementing the scheme without physical interaction except with the users smart phone which is a trustworthy device. But implementing the protocol is not exactly easy. This paper proposes a new version of SQRL that uses cloud cryptography for the needed cryptographic operations thus providing a simple and natural answer to all the hard question raised by practical implementations and without eliminating any advantages of the oriainal protocol.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 IEEE 12th International Symposium on Applied Computational Intelligence and Informatics (SACI)

自引率

0.00%

发文量