无线体域网中高效可撤销的无证书远程匿名认证协议

doi:10.11959/j.issn.1000-436x.2018064

通信学报 ›› 2018, Vol. 39 ›› Issue (4): 100-111.doi: 10.11959/j.issn.1000-436x.2018064

无线体域网中高效可撤销的无证书远程匿名认证协议

张顺,范鸿丽,仲红,田苗苗

安徽大学计算机科学与技术学院，安徽合肥 230601

出版日期:2018-04-01 发布日期:2018-04-29
作者简介:张顺（1982-），男，安徽安庆人，安徽大学副教授、硕士生导师，主要研究方向为信息安全、信息计算复杂性。|范鸿丽（1993-），女，安徽滁州人，安徽大学硕士生，主要研究方向为网络与信息安全。|仲红（1965-），女，安徽固镇人，安徽大学教授、博士生导师，主要研究方向为无线传感网、安全多方计算、私有信息保护。|田苗苗（1987-），男，安徽阜阳人，安徽大学副教授、硕士生导师，主要研究方向为密码学和信息安全。
基金资助:
国家自然科学基金资助项目(11301002);国家自然科学基金资助项目(61572001);国家自然科学基金资助项目(61502443);安徽省高校省级优秀青年人才重点基金资助项目(2013SQRL006ZD)

Efficient revocable certificateless remote anonymous authentication protocol for wireless body area network

Shun ZHANG,Hongli FAN,Hong ZHONG,Miaomiao TIAN

School of Computer Science and Technology,Anhui University,Hefei 230601,China

Online:2018-04-01 Published:2018-04-29
Supported by:
The National Natural Science Foundation of China(11301002);The National Natural Science Foundation of China(61572001);The National Natural Science Foundation of China(61502443);Talents Youth Fund of Anhui Province Universities(2013SQRL006ZD)

摘要/Abstract

摘要：

为了保证无线体域网（WBAN,wireless body area network）中病人生理数据的安全和隐私，通信双方必须进行相互认证。现有的一些方案使用双线性对导致用户计算代价较大，其采用树形结构进行撤销会导致用户的存储代价较大。为了实现撤销同时降低用户端的代价，构造了基于椭圆曲线的可撤销无证书远程匿名认证协议，基于即时更新时间密钥技术进行撤销。协议满足匿名性，相互认证和会话密钥建立等安全需求。与现有方案相比，实验分析表明认证协议用户端的计算代价和存储代价大幅降低，更适用于资源受限的无线体域网。安全性分析证实了协议在随机预言模型下是安全的。

关键词: 无线体域网, 匿名认证, 可撤销, 无证书

Abstract:

To ensure the security and privacy of patients’ health data in wireless body area network (WBAN),communication parties must be mutual authenticated.Now some bilinear pairings led to a larger computation cost for users and tree structure revocation would lead to larger user storage cost.In order to achieve revocation and reduce the cost of the user side,a novel revocable certificate less remote anonymous authentication protocol for WBAN was proposed by using elliptic curve cryptography and revoke algorithm that could revoke users by updating their time-private-keys.Security requirements including anonymity,mutual authentication and session key establishment were satisfied in proposed scheme.Compared with the existing schemes,the experimental analysis shows that the computation cost and storage cost of the authentication protocol are greatly reduced,which is more suitable for resource-constrained WBAN.Security analysis also shows that the protocol is secure in the random oracle model.

Key words: wireless body area network, anonymous authentication, revocation, certificateless

中图分类号:

TP309，TP393

张顺,范鸿丽,仲红,田苗苗. 无线体域网中高效可撤销的无证书远程匿名认证协议[J]. 通信学报, 2018, 39(4): 100-111.

Shun ZHANG,Hongli FAN,Hong ZHONG,Miaomiao TIAN. Efficient revocable certificateless remote anonymous authentication protocol for wireless body area network[J]. Journal on Communications, 2018, 39(4): 100-111.

图/表 11

图1

图2

图3

表1

撤销过程"

用户注册	$I D_{C_{1}}$ 撤销	$I D_{{AP}_{1}}$ 撤销
$(I D_{C_{1}}, t_{1})$	$(I D_{C_{1}}, t_{1})$	$(I D_{C_{1}}, t_{1})$
$⋮$	$⋮$	$⋮$
$(I D_{C_{n}}, t_{1})$	$(I D_{C_{n}}, t_{2})$	$(I D_{C_{n}}, t_{3})$
$(I D_{{AP}_{1}}, t_{1})$	$(I D_{{AP}_{1}}, t_{2})$	$(I D_{{AP}_{1}}, t_{2})$
$⋮$	$⋮$	$⋮$
$(I D_{{AP}_{k}}, t_{1})$	$(I D_{{AP}_{k}}, t_{2})$	$(I D_{{AP}_{k}}, t_{3})$

表1

图4

表2

图5

图6

表3

表4

表5

PKG撤销代价对比"

协议		复杂度
协议	r =0	$1 \leq r \leq \frac{n}{2}$	$\frac{n}{2} < r \leq n$
文献[13]协议	O(1)	$O (r \log (\frac{n}{r}))$	O (n?r)
本文协议	O (1)	O (n?r)	O (n?r)

表5

参考文献 19

[1]	ZIMMERMAN T G . Personal area networks:near-field intra body communications[J]. IBM System Journal, 1996,35(3/4): 609-617.
[2]	LAMPORT L . Password authentication with insecure communication[J]. Communications of the ACM, 1981,24(24): 770-772.
[3]	LI M , YU S , LOU W ,et al. Group device pairing based secure sensor association and key management for body area networks[C]// Conference on Information Communications. 2010: 2651-2659.
[4]	LI M , YU S , GUTTMAN J D ,et al. Secure ad hoc trust initialization and key management in wireless body area networks[J]. ACM Transactions on Sensor Networks, 2013,9(2): 1-35.
[5]	YANG J H , CHANG C C . An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem[J]. Computer Security, 2009,28(3-4): 138-143.
[6]	HE D , CHEN J , HU J . An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security[J]. Information Fusion, 2012,13(3): 223-230.
[7]	HE D , ZEADALLY S , KUMAR N ,et al. Anonymous authentication for wireless body area networks with provable security[J]. IEEE System Journal, 2016,(99): 1-12.
[8]	SHAMIR A . Identity-based cryptosystems and signature schemes[M]// Advances in Cryptology (Lecture Notes in Computer Science). Springer-Verlag, 1984,196: 47-53.
[9]	Al-RIYAMI S S , PATERSON K G . Certificateless public key cryptography[C]// International Conference on the Theory and Application of Cryptology and Information Security. 2003: 452-473.
[10]	LIU J , ZHANG Z , SUN R ,et al. An efficient certificateless remote anonymous authentication scheme for wireless body area networks[C]// IEEE International Conference on Communications. 2012: 3404-3408.
[11]	LIU J , ZHANG Z , CHEN X ,et al. Certificateless remote anonymous authentication schemes for wireless body area networks[J]. IEEE Transactions on Parallel ＆ Distributed Systems, 2014,25(2): 332-342.
[12]	XIONG H . Cost-effective scalable and anonymous certificateless remote authentication protocol[J]. IEEE Transactions on Information Forensics ＆ Security, 2014,9(12): 2327-2339.
[13]	XIONG H , QIN Z . Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks[J]. IEEE Transactions on Information Forensics ＆ Security, 2015,10(7): 1442-1455.
[14]	SEO J H , EMURA K . Revocable identity-based cryptosystem revisited:security models and constructions[M]. IEEE Press, 2014.
[15]	TSAI T T , TSENG Y M . Revocable certificateless public key encryption[J]. IEEE Systems Journal, 2015,9(3): 824-833.
[16]	CILARDO A , COPPOLINO L , MAZZOCCA N ,et al. Elliptic curve cryptography engineering[J]. Proceedings of the IEEE, 2006,94(2): 395-406.
[17]	BELLARE M , NEVEN G . Multi-signatures in the plain public-key model and a general forking lemma[C]// ACM Conference on Computer and Communications Security. 2006: 390-399.
[18]	CARO A D , IOVINO V . jPBC:Java pairing based cryptography[C]// Computers and Communications. 2011: 850-855.
[19]	CHATTERJEE S , DAS A , SING J . An enhanced access control scheme in wireless sensor networks[J]. Ad-Hoc Sensor Wireless Network, 2014,21(1-2): 121-149.

安全性需求	文献[12]协议	文献[13]协议	本文协议
用户匿名性	√	√	√
相互认证性	√	√	√
不可链接性	√	√	√
会话密钥安全性	√	√	√
前向安全性	√	√	√
可撤销性	×	√	√

协议	存储代价/bit
协议	C端	AP端
文献[12]协议	480+352 m	480
文献[13]协议	1 024 a+1 696	1 024 a+1 696
本文协议	800+512 m	800

协议	通信代价/bit
文献[12]协议	1 024
文献[13]协议	4 832
本文协议	1 184

无线体域网中高效可撤销的无证书远程匿名认证协议

Efficient revocable certificateless remote anonymous authentication protocol for wireless body area network

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 19

相关文章 15

Metrics

推荐阅读 0

[1]	冯霞, 崔凯平, 谢晴晴, 王良民. VANET中基于区块链的分布式匿名认证方案[J]. 通信学报, 2022, 43(9): 134-147.
[2]	王子园, 杜瑞忠. 边缘环境下基于无证书公钥密码的数据完整性审计方案[J]. 通信学报, 2022, 43(7): 62-72.
[3]	王竹, 杨思琦, 李凤华, 耿魁, 彭婷婷, 史梦瑶. 高效可证明安全的无证书有序聚合签名方案[J]. 通信学报, 2022, 43(5): 58-67.
[4]	张文波, 黄文华, 冯景瑜. 基于无证书签密的车联社会网络安全通信机制[J]. 通信学报, 2021, 42(7): 128-136.
[5]	崔琪楣, 赵文静, 顾晓阳, 朱增宝, 朱晓暄, 陶小峰, 倪巍. 面向B5G网络的高效切换认证与安全密钥更新机制[J]. 通信学报, 2021, 42(12): 96-108.
[6]	齐芳,李艳梅,汤哲. 可撤销和可追踪的密钥策略属性基加密方案[J]. 通信学报, 2018, 39(11): 63-69.
[7]	秦艳琳,吴晓平,胡卫. 抗密钥泄露的无证书签密方案[J]. 通信学报, 2017, 38(Z2): 43-50.
[8]	许芷岩,吴黎兵,李莉,何德彪. 无线漫游认证中可证安全的无证书聚合签名方案[J]. 通信学报, 2017, 38(7): 123-130.
[9]	宋成,张明月,彭维平,贾宗璞,刘志中,闫玺玺. 基于双线性对的车联网批量匿名认证方案研究[J]. 通信学报, 2017, 38(6): 49-57.
[10]	牛淑芬,牛灵,王彩芬,李亚红. 标准模型下可证明安全的无证书广义签密[J]. 通信学报, 2017, 38(4): 35-45.
[11]	张维纬,张育钊,黄焯,张茹,杨义先. 支持安全外包计算的无线体域网数据共享方案[J]. 通信学报, 2017, 38(4): 64-75.
[12]	宋成,张明月,彭维平,贾宗璞,刘志中,闫玺玺. 基于非线性对的车联网无证书批量匿名认证方案研究[J]. 通信学报, 2017, 38(11): 35-43.
[13]	许芷岩,吴黎兵,李莉,何德彪. 新的无证书广义指定验证者聚合签名方案[J]. 通信学报, 2017, 38(11): 76-83.
[14]	曹进,郑怡清,李晖. WBAN网络中条件隐私保护的远程用户认证方案[J]. 通信学报, 2016, 37(Z1): 63-71.
[15]	苏航,刘建伟,陶芮. 无证书的层次认证密钥协商协议[J]. 通信学报, 2016, 37(7): 161-171.