通信学报 ›› 2019, Vol. 40 ›› Issue (11): 180-186.doi: 10.11959/j.issn.1000-436x.2019218

• 学术通信 • 上一篇    下一篇

基于RLWE支持身份隐私保护的双向认证密钥协商协议

杨亚涛1,2,韩新光1,2(),黄洁润2,赵阳2   

  1. 1 西安电子科技大学通信工程学院,陕西 西安 710071
    2 北京电子科技学院电子与通信工程系,北京 100070
  • 修回日期:2019-07-27 出版日期:2019-11-25 发布日期:2019-12-06
  • 作者简介:杨亚涛(1978– ),男,河南平顶山人,博士,北京电子科技学院副教授、硕士生导师,主要研究方向为密码学与信息安全。|韩新光(1994– ),男,陕西咸阳人,西安电子科技大学硕士生,主要研究方向为格理论与信息安全。|黄洁润(1995– ),女,江苏南通人,北京电子科技学院硕士生,主要研究方向为格密码与信息安全。|赵阳(1995– ),男,山东日照人,北京电子科技学院硕士生,主要研究方向为密码学与信息安全。
  • 基金资助:
    “十三五”国家密码发展基金资助项目(MMJJ20170110)

Bidirectional authentication key agreement protocol supporting identity’s privacy preservation based on RLWE

Yatao YANG1,2,Xinguang HAN1,2(),Jierun HUANG2,Yang ZHAO2   

  1. 1 School of Telecommunication Engineering,Xidian University,Xi’an 710071,China
    2 Department of Electronic and Communication Engineering,Beijing Electronic Science and Technology Institute,Beijing 100070,China
  • Revised:2019-07-27 Online:2019-11-25 Published:2019-12-06
  • Supported by:
    State Cryptography Development Fund of Thirteen Five-Year(MMJJ20170110)

摘要:

为了解决执行认证密钥交换协议时通信双方身份隐私保护问题,提出了一种基于C类承诺机制的抗量子攻击的双向认证密钥协商协议。该协议通过 C 类承诺函数隐藏通信双方的真实身份信息,并基于 RLWE 困难问题,在保障身份匿名的前提下,通过2轮的消息交互不仅完成了双向身份认证,而且保证了传输消息的完整性,并协商出共享会话密钥。经过分析,在协议执行效率上,完成匿名的双向认证与密钥协商只需2轮的消息传输,与 Ding等的协议对比,公钥长度缩短近 50%;在安全性上,所提协议能够抵抗伪造、重放、密钥复制和中间人攻击。所提协议在eCK模型下满足可证明安全性,同时所提协议基于格上的RLWE困难问题,可抵抗量子计算攻击。

关键词: 隐私保护, 承诺机制, 格, 双向认证, 环上误差学习问题

Abstract:

In order to solve the problem of identity privacy preservation between two participants involved when implementing authenticated key agreement protocol,a bidirectional authenticated key agreement protocol against quantum attack based on C commitment scheme was proposed.Through the design of C commitment function,the real identity information of two participants involved was hidden.Based on RLWE difficult problem,under the premise to ensure identity anonymity,this protocol not only completed two-way identity authentication,but also ensured the integrity of the transmitted message,furthermore,the shared session key was negotiated.After been analyzed,in terms of protocol’s execution efficiency,only two rounds of message transmission were needed to complete anonymous two-way authentication and key agreement in the proposed scheme.Compared with Ding’s protocol,the length of public key was reduced by nearly 50%.With regard to security,the protocol could resist forgery,replay,key-copy,and man-in-the-middle attacks.It is proved that the proposed protocol satisfies the provable security under the eCK model.At the same time,the protocol is based on the RLWE problem of lattices,and can resist quantum computing attacks.

Key words: privacy preservation, commitment mechanism, lattice, bidirectional authentication, ring learning with error

中图分类号: 

[1] 金家德. PTN力助运营商IP RAN建设步伐[J]. 电信科学, 2009, 25(11): 104 -105 .
[2] 夏 明,董亚波,鲁东明,薛 平. RelicNet:面向野外文化遗址微气象环境监测的高可靠无线传感系统[J]. 通信学报, 2008, 29(11): 23 -185 .
[3] 卓永宁,朱立东,吴诗其. 低轨卫星信道自适应模糊估计算法[J]. 通信学报, 2006, 27(8): 5 -34 .
[4] 张令文,谈振辉. 基于泰勒级数展开的蜂窝TDOA定位新算法[J]. 通信学报, 2007, 28(6): 2 -11 .
[5] 江金光,李天望. 低电压环形振荡器设计[J]. 通信学报, 2007, 28(6): 10 -65 .
[6] 赵贤敬,郑宝玉,钱小聪,傅洪亮. 协作发射分集系统及其误码性能分析[J]. 通信学报, 2007, 28(1): 7 -48 .
[7] 孙 君,朱洪波. 物联网距离和业务特征结合的频谱接入方法[J]. 通信学报, 2012, 33(4): 4 -30 .
[8] 孟利民,吴晚霞. 基于链路稳定性算法的DSR协议研究[J]. 通信学报, 2008, 29(11A): 9 -50 .
[9] 赵 娟,郭 平,邓宏钟,吴 俊,谭跃进,张 敏. 用户行为统计特性对通信网络性能可靠性的影响[J]. 通信学报, 2013, 34(1): 5 -50 .
[10] 金章赞,廖明宏,肖 刚. 否定选择算法综述[J]. 通信学报, 2013, 34(1): 18 -170 .