基于身份的移动互联网高效认证密钥协商协议

doi:10.11959/j.issn.1000-436x.2017176

通信学报 ›› 2017, Vol. 38 ›› Issue (8): 19-27.doi: 10.11959/j.issn.1000-436x.2017176

基于身份的移动互联网高效认证密钥协商协议

王真,马兆丰,罗守山

北京邮电大学网络空间安全学院，北京 100876

修回日期:2017-04-18 出版日期:2017-08-01 发布日期:2017-09-07
作者简介:王真（1989-），男，河南舞阳人，北京邮电大学博士生，主要研究方向为信息安全、移动互联网安全、信息安全与灾备技术。|马兆丰（1974-），男，甘肃镇原人，博士，北京邮电大学讲师，主要研究方向为数字版权管理、移动互联网安全、计算机网络安全。|罗守山（1962-），男，安徽肥东人，北京邮电大学教授、博士生导师，主要研究方向为编码密码学、网络与信息安全。
基金资助:
国家自然科学基金资助项目(61272519);国家自然科学基金资助项目(61170297);国家自然科学基金资助项目(61572080);国家自然科学基金资助项目(61472258)

Identity-based efficient authentication and key agreement protocol for mobile Internet

Zhen WANG,Zhao-feng MA,Shou-shan LUO

School of Cyberspace Security，Beijing University of Posts and Telecommunications，Beijing 100876，China

Revised:2017-04-18 Online:2017-08-01 Published:2017-09-07
Supported by:
The Nationa1 Natura1 Science Foundation of China(61272519);The Nationa1 Natura1 Science Foundation of China(61170297);The Nationa1 Natura1 Science Foundation of China(61572080);The Nationa1 Natura1 Science Foundation of China(61472258)

摘要/Abstract

摘要：

针对椭圆曲线中双线性对运算计算开销较大和PKI中证书管理的问题，利用基于身份的公钥密码算法和椭圆曲线加法群上的 GDH 困难问题，设计了一种高效安全的认证密钥协商协议，并在随机预言机模型下证明了协议的安全性。分析表明，该协议满足已知会话密钥安全性、完美前向安全性、抗临时密钥泄露攻击和抗会话密钥托管等安全属性，且能够在仅5次标量乘法运算后完成参与方之间的相互认证和会话密钥协商，具有较小的计算开销。

关键词: 基于身份密码学, 认证密钥协商, 随机预言机模型, 椭圆曲线

Abstract:

For the bad computation overhead of bi1inear pairings in e11iptic curve and the prob1ems of certificate management in the PKI，an efficient and secure authentication key agreement protoco1 was proposed based on the identity-based cryptosystem and GDH difficu1t prob1em on the additive group of e11iptic curve.Meanwhi1e，the security of the new protoco1 was proved under the random orac1e mode1.The ana1ysis shows that the new protoco1 meets security properties such as known session key security，perfect forward security，ephemera1 secret 1eakage resistance and the session key escrow resistance.The proposed protoco1 has the good computationa1 overhead for it was ab1e to comp1ete the mutua1 authentication and session key agreement between parties under on1y 5 times sca1ar mu1tip1ication.

Key words: identity-based cryptosystem, authentication key agreement, random orac1e mode1, e11iptic curve

中图分类号:

TP309

王真,马兆丰,罗守山. 基于身份的移动互联网高效认证密钥协商协议[J]. 通信学报, 2017, 38(8): 19-27.

Zhen WANG,Zhao-feng MA,Shou-shan LUO. Identity-based efficient authentication and key agreement protocol for mobile Internet[J]. Journal on Communications, 2017, 38(8): 19-27.

图/表 2

参考文献 16

[1]	REDDY A G , YOON E J , DAS A K ,et al. Lightweight authentication with key-agreement protocol for mobile network environment using smart cards[J]. IET Information Security, 2016,10(5): 272-282.
[2]	SHAMIR A , . Identity-based cryptosystems and signature schemes[C]// Workshop on the Theory and Application of Cryptographic Techniques. Springer Berlin Heidelberg, 1984: 47-53.
[3]	王圣宝, 曹珍富, 董晓蕾 . 标准模型下可证安全的身份基认证密钥协商协议[J]. 计算机学报, 2007,30(10): 1842-1852.
	WANG S B , CAO Z F , DONG X L . Provably secure identity-based authenticated key agreement protocols in the standard model[J]. Chinese Journal of Computers, 2007,30(10): 1842-1852.
[4]	曹雪菲, 寇卫东, 樊凯 ,等. 无双线性对的基于身份的认证密钥协商协议[J]. 电子与信息学报, 2009,31(5): 1241-1244.
	CAO X F , KOU W D , FAN K ,et al. An identity-based authenticated key agreement protocol without bilinear pairing[J]. Journal of Electronics and Information Technology, 2009,31(5): 1241-1244.
[5]	高海英 . 可证明安全的基于身份的认证密钥协商协议[J]. 计算机研究与发展, 2012,49(8): 1685-1689.
	GAO H Y . Provable secure ID-based authenticated key agreement protocol[J]. Journal of Computer Research and Development, 2012,49(8): 1685-1689.
[6]	ISLAM S H . A provably secure ID-based mutual authentication and key agreement scheme for mobile multi-server environment without ESL attack[J]. Wireless Personal Communications, 2014,79(3): 1975-1991.
[7]	高志刚, 冯登国 . 高效的标准模型下基于身份认证密钥协商协议[J]. 软件学报, 2011,22(5): 1031-1040.
	GAO Z G , FENG D G . Efficient identity-based authenticated key agreement protocol in the standard model[J]. Journal of Software, 2011,22(5): 1031-1040.
[8]	CHEN L , CHENG Z , SMART N P . Identity-based key agreement protocols from pairings[J]. International Journal of Information Security, 2007,6(4): 213-241.
[9]	KILINC H H , ALLABERDIYEV Y , YANIK T ,et al. Efficient ID-based authentication and key agreement protocols for the session initiation protocol[J]. Turkish Journal of Electrical Engineering ＆Computer Sciences, 2015,23(2): 560-579.
[10]	SUN H , WEN Q , ZHANG H ,et al. A strongly secure identity-based authenticated key agreement protocol without pairings under the GDH assumption[J]. Security and Communication Networks, 2015,8(17): 3167-3179.
[11]	AL-RIYAMI S S , PATERSON K G . Certificateless public key cryptography[C]// International Conference on the Theory and Application of Cryptology and Information Security. Springer Berlin Heidelberg, 2003: 452-473.
[12]	ZHANG L . Certificateless one-pass and two-party authenticated key agreement protocol and its extensions[J]. Information Sciences, 2015,293: 182-195.
[13]	GHOREISHI S M , RAZAK S A , ISNIN I F ,et al. New secure identity-based and certificateless authenticated key agreement protocols without pairings[C]// Biometrics and Security Technologies(ISBAST),2014 International Symposium. IEEE, 2014: 188-192.
[14]	HUANG H , CAO Z . An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem[C]// ACM Symposium on Information,Computer and Communications Security,ASIACCS 2009. Sydney,Australia,DBLP, 2009: 333-342.
[15]	FIORE D , GENNARO R . Identity-based key exchange protocols without pairings[M]// Transactions on Computational Science X. Springer-Verlag, 2010: 42-77.
[16]	李坤 . 基于身份的认证密钥协商协议研究[D]. 西安电子科技大学, 2013.
	LI K . Study of identity-based authentication key exchange protocol[D]. Xidian University, 2013.

协议	困难问题假设	计算开销	抗ESL攻击	交互次数
文献[3]	q-ABDHE	2P+5E	是	1
文献[4]	DCDH	4M	否	2
文献[6]	CDH	2P+4M	是	2
文献[15]	SDH	4E	是	1
文献[16]	CDH	4M	是	1
本文协议	GDH	5M	是	1

基于身份的移动互联网高效认证密钥协商协议

Identity-based efficient authentication and key agreement protocol for mobile Internet

在线阅读

PDF下载

可视化

被引次数

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 16

相关文章 15

Metrics

推荐阅读 0

[1]	张海波, 陈舟, 黄宏武, 贺晓帆. VANET系统中基于中国剩余定理的群内相互认证密钥协商协议[J]. 通信学报, 2022, 43(1): 182-193.
[2]	刘辉, 刘鑫衍, 许艳, 仲红, 王梦. 隐私保护的VANET警告消息发布协议[J]. 通信学报, 2021, 42(8): 120-129.
[3]	董江涛, 闫沛文, 杜瑞忠. 雾计算中基于无配对CP-ABE可验证的访问控制方案[J]. 通信学报, 2021, 42(8): 139-150.
[4]	于斌, 黄海, 刘志伟, 赵石磊, 那宁. 面向多椭圆曲线的高速标量乘法器设计与实现[J]. 通信学报, 2020, 41(12): 100-109.
[5]	丁晟,曹进,李晖. 基于OBDD访问结构的无配对CP-ABE方案[J]. 通信学报, 2019, 40(12): 1-8.
[6]	徐明,史量. 基于伪四维投射坐标的多基链标量乘法[J]. 通信学报, 2018, 39(5): 74-84.
[7]	秦艳琳,吴晓平,胡卫. 抗密钥泄露的无证书签密方案[J]. 通信学报, 2017, 38(Z2): 43-50.
[8]	莫若,马建峰,刘西蒙,李琦. 支持树形访问结构的多权威基于属性的签名方案[J]. 通信学报, 2017, 38(7): 96-104.
[9]	苏航,刘建伟,陶芮. 无证书的层次认证密钥协商协议[J]. 通信学报, 2016, 37(7): 161-171.
[10]	秦艳琳,吴晓平,胡卫. 高效的无证书多接收者匿名签密方案[J]. 通信学报, 2016, 37(6): 129-136.
[11]	梁艳,张筱,郑志明. 基于无证书群签名方案的电子现金系统[J]. 通信学报, 2016, 37(5): 184-190.
[12]	吴黎兵,谢永,张宇波. 面向车联网高效安全的消息认证方案[J]. 通信学报, 2016, 37(11): 1-10.
[13]	杜红珍,温巧燕. 改进的无证书有序多重签名方案[J]. 通信学报, 2015, 36(10): 56-61.
[14]	李晋国1,2，林亚平1,2，李睿1,2，周四望1,2. 车载自组织网络中基于椭圆曲线零知识证明的匿名安全认证机制[J]. 通信学报, 2013, 34(5): 6-61.
[15]	马骏,马建峰,郭渊博. 可证明安全的智能移动终端私钥保护方案[J]. 通信学报, 2012, 33(12): 108-115.