Computer Science ›› 2020, Vol. 47 ›› Issue (11): 68-72. doi: 10.11896/jsjkx.191000008
Special topic: Intelligent Mobile Identity Authentication
QIN Yan-lin (秦艳琳), WU Xiao-ping (吴晓平), HU Wei (胡卫)
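Abstract: Authenticated key agreement protocols are used in secure network communication to provide mutual authentication and key agreement between users. Some large-scale network applications deploy multiple private key generators (PKGs), in which a higher-level PKG authenticates the identities of the lower-level PKGs subordinate to it and is responsible for generating their private keys. Most existing identity-based authenticated key agreement protocols for multiple-PKG environments are built on bilinear pairings, which makes them computationally inefficient, and they also have security problems. To improve the security and efficiency of existing schemes, an identity-based authenticated key agreement protocol for multiple-PKG environments is proposed based on elliptic curve cryptography. In this protocol the PKGs are not independent of one another but stand in a hierarchical subordinate relationship, which is closer to practical applications. The security analysis shows that the protocol remedies the security flaws of existing schemes and satisfies security properties such as resistance to ephemeral key leakage, forward secrecy, and resistance to impersonation attacks. In addition, neither party's computation involves bilinear pairing operations, so the protocol is more efficient than comparable schemes.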