Computer Science ›› 2018, Vol. 45 ›› Issue (9): 177-182. doi: 10.11896/j.issn.1002-137X.2018.09.029

• Information Security •

New Cross-domain Authentication Model for Information Services Entity

XIE Yan-rong, MA Wen-ping, LUO Wei   

  1. State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an 710071, China
  • Received: 2017-08-05 Online: 2018-09-20 Published: 2018-10-10

Abstract: To solve the problem that the identity of an information services entity (ISE) cannot be revoked immediately in a cross-domain authentication system, a revocable identity-based signature scheme was proposed. Based on the SM9 signature algorithm, a security mediator (SEM) was introduced to keep a part of the private key of the ISE. When the SEM stops sending the token to the ISE, the ISE loses its signature capability, so the identity of the ISE can be revoked immediately. Based on this scheme, a new cross-domain authentication model for ISE was proposed by combining the advantages of certificate-based public key infrastructure (PKI) and identity-based cryptography (IBC). The proposed model is not only flexible and efficient, but also suitable for constructing large-scale application environments of ISE. Meanwhile, a cross-domain authentication protocol was designed to realize mutual authentication with key agreement between cross-domain entities. Analysis shows that the proposed protocol has high security and low communication and computation cost.

Key words: Authentication, Identity revocation, Information services, Key agreement, Security mediator, SM9

CLC Number: TP309