计算机科学

计算机科学 ›› 2015, Vol. 42 ›› Issue (1): 137-141.doi: 10.11896/j.issn.1002-137X.2015.01.032

• 信息安全 • 上一篇    下一篇

一种基于椭圆曲线的轻量级身份认证及密钥协商方案

郭松辉,牛小鹏,王玉龙   

  1. 信息工程大学 郑州450002,信息工程大学 郑州450002,信息工程大学 郑州450002
  • 出版日期:2018-11-14 发布日期:2018-11-14
  • 基金资助:
    本文受国家自然科学基金(61072047)资助

Elliptic Curve Based Light-weight Authentication and Key Agreement Scheme

GUO Song-hui, NIU Xiao-peng and WANG Yu-long   

  • Online:2018-11-14 Published:2018-11-14

PDF (PC)

867

摘要: 无证书公钥密码体制不存在用户密钥托管问题,也不需要使用证书,可以解决传统公钥密码体制在应用过程中耗时耗资源都比较多的问题。基于素域上的椭圆曲线加法群,提出了一个无证书的身份认证及密钥协商方案,其主要包括认证协议与核心算法。该方案消除了双线性对运算,完成双向认证只需要两次通信,提高了认证和密钥产生的效率,效率比已有协议提高了至少10%;充分利用椭圆曲线上的点加运算,加快了计算速度,在不考虑网络通信耗时的情况下双向认证及产生共享密钥只需要20ms左右。同时该方案能满足已知会话密钥的通信安全、主密钥的前向保密性、抗密钥泄露后的伪装攻击等安全属性。该方案尤其适合于不活跃网络对象之间的安全通信。

关键词: 椭圆曲线,无证书公钥加密,身份认证,密钥协商

Abstract: Certificateless public key cryptosystem has appealing features,namely it does not require the use of certificates and does not have a private key escrow problem,and it can to some extent solve the problem of time consuming and resource consuming of traditional public key cryptography.This paper proposed an elliptic curve based certificateless authentication and key agreement scheme,which includes a protocol and several core algorithms.This scheme can finish two party authentications in double communication without bilinear pairing computing,and greatly increase the efficiency of authentication by 30% compared with the formal protocols.The scheme makes the most of point addition of elliptic curve,increasing the computing speed,and it can complete the authentication and generate the shared key in 20ms without considering the network communication time consuming.The scheme also satisfies communication safety under the exposure of shared key,master key forward secrecy,perfect forward secrecy and key compromise impersonation resilience.The scheme is more suitable for the restricted computing resource of the communication environment,such as wireless sensors,Ad hoc networks,and so on.

Key words: Elliptic curve,Certificateless public key cryptosystem,Authentication,Key agreement

[1] 杨力,张俊伟,马建峰.改进的移动计算平台直接匿名证明方案[J].通信学报,2013,34(6):69-75
[2] 吴一尘,鲍苏苏.基于对称密钥加密的RSN密钥协商改进方案[J].计算机技术与发展,2013,23(6):132-135
[3] 唐祚波,缪祥华.一种三方认证密钥协商协议的分析与改进 [J].计算机工程,2013,39(1):139-143
[4] 李丽琳,刘柱文.认证密钥协商协议的研究与分析[J].计算机安全,2013,4:43-46
[5] 刘唐,汪小芬,肖国镇.一个强安全的无证书密钥协商协议的安全性分析与改进[J].计算机科学,2012,39(12):73-76
[6] Al-Riyami S S,Paterson K.Certificateless Public Key Cryptography[C]∥Advances in Cryptology-ASIACRYPT’03.Berlin:Springer-Verlag,2003:452-473
[7] Mokhtarnameh R,Ho S B,Muthuvelu N.An Enhanced Certificatelss Authenticated Key Agreement Protocol[C]∥Proc.of 13th International Conference on Advanced Communication Technology.Piscataway,NJ,USA:IEEE Press,2011:802-806
[8] 杨浩民,张尧学,周悦芝.基于双线性对的无证书两方认证密钥协商协议[J].清华大学学报:自然科学版,2012,2(9):1293-1297
[9] 舒剑.可证安全的无证书两方认证密钥协商协议[J].小型微型计算机系统,2012,3(9):2056-2063
[10] Mandt T K.Certificateless authenticated two-party key agreement protocol [D].Oppland Gjovik University College,2006
[11] 朱志馨,董晓蕾.高效安全的无证书密钥协商方案[J].计算机应用研究,2009,26(12):4787-4790
[12] Gao Meng,Zhang Fu-tai.Key-compromise Impersonation At-tacks on Some Certificateless Key Agreement Protocols and Two Improved Protocols[C]∥Proc.of the 1st International Workshop on Education Technology and Computer Science.Wuhan,China,2009:62-66
[13] 曹雪菲,寇卫东,樊凯,等.无双线性对的基于身份的认证密钥协商协议[J].电子与信息学报,2009,1(5):1241-1244
[14] 潘进,刘小琼,李国朋.无双线性对的无证书两方认证密钥协商协议 [J].计算机应用研究,2012,9(6):2240-2243
[15] 刘文浩,许春香.无证书两方密钥协商方案[J].软件学报,2011,2(11):2843-2852
[16] 张磊,张福泰.一类无证书签名方案的构造方法 [J].计算机学报,2009,2(5):940-945
No related articles found!
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
渝ICP备16013121号-4
地址:重庆市渝北区洪湖西路18号    邮编:401121  
电话:023-63500828(编辑部) 023-67039612(会议/专题) 023-67039623(财务/发票)
E-mail:jsjkx12@163.com
本系统由北京玛格泰克科技发展有限公司设计开发