计算机科学 ›› 2020, Vol. 47 ›› Issue (11): 60-67.doi: 10.11896/jsjkx.191100068

• 智能移动身份认证 • 上一篇    下一篇

云环境下基于代理盲签名的高效异构跨域认证方案

江泽涛, 徐娟娟   

  1. 桂林电子科技大学广西图像图形与智能处理重点实验室 广西 桂林 541004
  • 收稿日期:2019-11-11 修回日期:2020-01-07 出版日期:2020-11-15 发布日期:2020-11-05
  • 通讯作者: 徐娟娟(1903281466@qq.com)
  • 作者简介:394503704@qq.com
  • 基金资助:
    国家自然科学基金(61876049,61762066,61572147);广西科技计划项目(AC16380108);广西图像图形智能处理重点实验项目(GIIP201701,GIIP201801,GIIP201802,GIIP201803);广西研究生教育创新计划资助项目(2019YCXS043)

Efficient Heterogeneous Cross-domain Authentication Scheme Based on Proxy Blind Signature in Cloud Environment

JIANG Ze-tao, XU Juan-juan   

  1. Key Laboratory of Image and Graphic Intelligent Processing in Guangxi,Guilin University of Electronic Technology,Guilin,Guangxi 541004,China
  • Received:2019-11-11 Revised:2020-01-07 Online:2020-11-15 Published:2020-11-05
  • About author:JIANG Ze-tao,born in 1961,Ph.D,professor.His main research interests include image processing,computer vision,and network information security.
    XU Juan-juan,born in 1994,postgra-duate.Her main research interests include network information security and so on.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61876049,61762066,61572147),Guangxi Science and Technology Project(AC16380108),Key Laboratory Project of Image and Graphics Intelligent Processing in Guangxi(GIIP201701,GIIP201801,GIIP201802,GIIP201803) and Funded by the Guangxi Graduate Education Innovation Program(2019YCXS043).

摘要: 针对现有不同体系公钥基础设施(Public Key Infrastructure,PKI)和无证书公钥密码体系(CertificateLess public key Cryptography,CLC)的跨域身份认证方案不能满足身份盲化性以及高效的异构跨域认证问题,提出代理盲签名的高效异构跨域认证方案。该方案重新构造了一个高效、安全的跨域身份认证模型并结合代理签名和盲签名的优点,在云间引入一个可信认证中心CA给予第三方合法代理者可信的代理权限来执行代理盲签名操作。此代理者不仅减少了云间认证中心CA的通信负载,实现不同域授权代理盲签名用户和请求代理盲签用户之间的信息交互,还满足了双向实体身份同步认证的盲化性以及代理盲签名的可识别性,提高了认证安全性。分析结果表明,该方案基于数学困难性问题满足抗替换性攻击、抵抗重放攻击、抗中间人攻击和身份不可追踪性等性能,完成了异域用户之间高效、高安全性的跨域身份认证。

关键词: 异构体系跨域认证, 代理盲签名, 盲化性, 可识别, 跨域身份认证模型

Abstract: In order to solve the problem of identity blindness and efficient heterogeneous cross-domain authentication,an efficient heterogeneous cross-domain authentication scheme based on proxy blind signature is proposed.The scheme reconstructs an efficient and secure cross-domain identity authentication model.Combined with the advantages of proxy signature and blind signature,a trusted certification authority CA is introduced in the cloud to give the third party legal agent the trusted agency authority to perform the proxy blind signature operation.This agent not only reduces the communication load of the inter-cloud certification authority CA,realizes the information interaction between the authorized agent blind signer in different domains and the requesting agent blind signer,but also satisfies the blindness of bidirectional entity identity synchronous authentication and the identi-fiability of the proxy blind signature,and improves the authentication security.The results show that based on the mathematical difficulty,the scheme can meet the performance of anti-substitution attack,resist replay attack,man-in-the-middle attack,identity untraceability and so on,and complete the cross-domain identity authentication with high efficiency and security between foreign users.

Key words: Heterogeneous architecture cross-domain authentication, Proxy blind signature, Blindness, Identifiability, Cross-domain authentication model

中图分类号: 

  • TP309
[1] FENG D G,ZHANG M,ZHANG Y,et al.Study on Cloud Computing Security[J].Journal of Software,2011,22(1):71-83.
[2] LIN J Q,JING J W,ZHANG Q L,et al.Recent advances in PKI technologies[J].Journal of Cryptologic Research,2015,2(6):487-496.
[3] ZHANG F T,SUN Y X,ZHANG L,et al.Research on Certificateless Public Key Cryptography[J].Journal of Software,2011,22(6):1316-1332.
[4] BINU S,MOHAMMED M,RAJ P.A Mobile Based Remote User Authentication Scheme without Verifier Table for Cloud Based Services[C]//Proceedings of the 3rd International Symposium on Women in Computing and Informatics.New York,USA:ACM Press,2015:502-509.
[5] DONG Z,ZHANG L,LI J.Security Enhanced Anonymous Remote User Authentication and Key Agreement for Cloud Computing[C]//Proceedings of the 17th International Conference on Computational Science and Engineering.IEEE Computer Society Press,2014:1746-1751.
[6] YANG X D,AN F I,YANG P,et al.Cross-domain Identity Authentication Scheme in Cloud Based on Certificateless Signature[J].Computer Engineering,2017,43(11):128-133,145.
[7] YANG X D,AN F Y,YANG P,et al.Cross-Domain Authentication Scheme Based on Proxy Re-signature in Cloud Environment[J].Chinese Journal Of Computers,2017,42(4):82-97.
[8] XIE Y R,MA W P,LUO W.New cross-domain authentication mode for information services entity[J].Computer Science,2018,45(9):177-182.
[9] WANG Y,WANG Y L.A Heterogeneous Cross-Domain Au-thentication Model Based on Access Tickets in Virtual Cable Television Network[J].Applied Mechanics and Materials,2015,742:717-720.
[10] MA X T,MA W P,LIU X X.A Cross Domain Authentication Scheme Based on Blockchain Technology[J].Acta Electronica Sinica,2018,46(11):13-21.
[11] HE D,ZEADALLY S,KUMAR N,et al.Anonymous Authentication for Wireless Body Area Networks With Provable Security[J].IEEE Systems Journal,2016,11(4):2590-2601.
[12] ZHOU Z C,LI L X,LI Z H.Efficient cross-domain authentication scheme based on blockchain technology[J].Journal of Computer Applications,2018,38(2):316-320,326.
[13] SHI Y H,LI W S.A Survey of Blind Signature Studies[J].Computer Engineering & Science,2005,27(7):83-85.
[14] YANG X D,CHEN C L,YANG P,et al.Partially blind proxyre-signature scheme with proven security[J].Journal on Communications,2018,39(2):65-72.
[15] ZHAI Z Y,GAO D Z,LIANG X Q,et al.Certificate-based proxyblind signature scheme[J].Computer Engineering and Applications,2014,50(4):57-62.
[16] WANG C F,XU Q B,LIU C,et al.Partial Blind Signcryption Scheme in CLPKC-to-TPKI Heterogeneous Environment[J].Journal of Electronics & Information Technology,2019,41(8):77-85.
[17] NI L,CHEN G,LI J,et al.Strongly secure identity-based authenticated key agreement protocols without bilinear pairings[J].Information Sciences,2016,37(2):205-217.
[18] GE R L,GAO D Z,LIANG J L,et al.Security analysis and improvement of certificateless proxy blind signature[J].Journal of Computer Applications,2012,32(3):705-706,714.
[19] WANG Z H,HAN Z,LIU J Q,et al.ID authentication scheme based on PTPM and certificateless public key cryptography in cloud environment[J].Journal of Software,2016,27(6):1523-1537.
[20] LIU S,ZHU S H.Identity Authentication Scheme in Multi-ser-ver Environment[J].Computer Engineering,2015,41(3):120-124.
[21] YUAN C,ZHANG W,WANG X,et al.Heterogeneous Cross-Domain Authenticated Key Agreement Protocols in the EIM System[J].Arabian Journal for Science & Engineering,2017,42(8):3275-3287.
[1] 王兴威, 侯书会. 一种改进的高效的代理盲签名方案[J]. 计算机科学, 2019, 46(6A): 358-361.
[2] 刘二根,王霞,周华静,郭红丽. 改进的无证书代理盲签名方案[J]. 计算机科学, 2016, 43(8): 92-94.
[3] 李波 邱小平. 基于混合离散对数的盲签名认证研究[J]. 计算机科学, 2004, 31(7): 80-83.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
[1] 张佳男,肖鸣宇. 带权混合支配问题的近似算法研究[J]. 计算机科学, 2018, 45(4): 83 -88 .
[2] 周燕萍,业巧林. 基于L1-范数距离的最小二乘对支持向量机[J]. 计算机科学, 2018, 45(4): 100 -105 .
[3] 杨羽琦,章国安,金喜龙. 车载自组织网络中基于车辆密度的双簇头路由协议[J]. 计算机科学, 2018, 45(4): 126 -130 .
[4] 韩奎奎,谢在鹏,吕鑫. 一种基于改进遗传算法的雾计算任务调度策略[J]. 计算机科学, 2018, 45(4): 137 -142 .
[5] 张景,朱国宾. 基于CBOW-LDA主题模型的Stack Overflow编程网站热点主题发现研究[J]. 计算机科学, 2018, 45(4): 208 -214 .
[6] 文俊浩,孙光辉,李顺. 基于用户聚类和移动上下文的矩阵分解推荐算法研究[J]. 计算机科学, 2018, 45(4): 215 -219 .
[7] 朱金彬,武继刚,隋秀峰. 基于极大团的边缘云节点聚合算法[J]. 计算机科学, 2018, 45(4): 60 -65 .
[8] 朱虹,李千目,李德强. 基于单个卷积神经网络的面部多特征点定位[J]. 计算机科学, 2018, 45(4): 273 -277 .
[9] 项英倬, 谭菊仙, 韩杰思, 石浩. 图匹配技术研究[J]. 计算机科学, 2018, 45(6): 27 -31 .
[10] 王倩, 于来行, 曹彦, 张磊, 秦杰, 叶海琴. 基于Fibonacci置乱的小波域数字图像盲水印算法[J]. 计算机科学, 2018, 45(6): 135 -140 .