期刊名称:International Journal of New Computer Architectures and their Applications
印刷版ISSN:2220-9085
出版年度:2011
卷号:1
期号:2
页码:384-395
出版社:Society of Digital Information and Wireless Communications
摘要:Most remote authentication schemes use key exchange protocol to provide secure communication over an untrusted network. The protocol enables remote client and host to authenticate each other and communicate securely with prearranged shared secret key or server secret key. Many remote services environment such as online banking and electronic commerce are dependent on remote authentication schemes to validate user legitimacy in order to fulfill the authentication process. Unfortunately, these schemes are not able to provide trust or evidence of claimed platform identity. Therefore, these schemes are vulnerable to malicious software attacks that could compromise the integrity of the platform used for the communication. As a result, user identity or shared secret key potentially can be exposed. In this paper, we present a remote authentication scheme using secure key exchange protocol with hardware based attestation to resist malicious software attack. In addition, a pseudonym identity enhancement is integrated into the scheme in order to improve user identity privacy.
