可证明安全的智能移动终端私钥保护方案

doi:10.3969/j.issn.1000-436x.2012.12.014

通信学报 ›› 2012, Vol. 33 ›› Issue (12): 108-115.doi: 10.3969/j.issn.1000-436x.2012.12.014

可证明安全的智能移动终端私钥保护方案

马骏^1,²,马建峰¹,郭渊博²

¹ 西安电子科技大学计算机网络与信息安全教育部重点实验室，陕西西安 710071
² 解放军信息工程大学电子技术学院，河南郑州 450004

出版日期:2012-12-25 发布日期:2017-07-15
基金资助:
长江学者和创新团队发展计划基金资助项目;国家自然基金委员会——广东联合基金重点基金资助项目;国家科技部重大专项基金资助项目;河南省科技创新杰出青年计划基金资助项目

Provably secure private key protection scheme for smart mobile terminal

Jun MA^1,²,Jian-feng MA¹,Yuan-bo GUO²

¹ Key Laboratory of Computer Networks and Informatio urity(Ministry of Education),Xidian University,Xi’an 710071,China
² Institute of Electronic Technique,PLA Information Engineering University,Zhengzhou 450004,China

Online:2012-12-25 Published:2017-07-15
Supported by:
The Program for Changjiang Scholars and Innovative Research Team in University;The Key Program of NSFC-Guangdong Union Foundation;The Major National S＆T Program

摘要/Abstract

摘要：

摘要：提出一种可证明安全的智能移动终端私钥保护方案。充分利用口令保护、密钥分割与服务器动态交互获取部分私钥等技术保证用户私钥安全。与其他方案相比，该方案的优势在于：减少了智能移动终端的计算量和存储量，简化了交互过程参数的设置；将时间同步贯穿整个方案的设计过程，防止重放攻击的同时，更提供了便捷高效的用户私钥失效方案。方案达到了安全私钥获取和高效私钥失效的效果，符合智能移动终端的安全应用需求，在随机预言机模型下是可证明安全的。

关键词: 私钥保护, 可证明安全, 随机预言机模型

Abstract:

A provable security scheme for private key protection of smart mobile terminal (SMT) was presented.In the scheme a improved security mechanism is incorporated,which includes password protection,key division and partial key retrieval from server of strong computing capability in order to protect private key security.Compared with previous proposals,the scheme has the following advantages.It reduces computation amount and storage of SMT,and simplifies parameter setting for interaction processes.It takes time synchronization between SMT and server into account.The latter characteristic not only provides better protection of scheme from replay attacks,but also offers a highly efficient mechanism of user private key disabling,and avoiding complex operation of user and extra storage of other device.The investigation has indicated that improved private key protection to SMT can be well achieved with this scheme.The scheme has also been proved to provide satisfactory security in the random oracle model.

Key words: private key protection, provable security, random oracle model

马骏,马建峰,郭渊博. 可证明安全的智能移动终端私钥保护方案[J]. 通信学报, 2012, 33(12): 108-115.

Jun MA,Jian-feng MA,Yuan-bo GUO. Provably secure private key protection scheme for smart mobile terminal[J]. Journal on Communications, 2012, 33(12): 108-115.

图/表 1

参考文献 14

[1]	STUDER A , PERRIG A . Mobile user location-specific encryption (MULE):using your office as your password[A]. Proceedings of the 3rd ACM Conference on Wireless Network Security (WiSec '10)[C]. 2010.
[2]	VILA E , BOROVSKA P . Data protection utilizing trusted platform module[J]. Opportunities in Opportunistic Computing, 2010,43(1): 42-50.
[3]	Trusted Computing Group. TPM main part 3 commands,spec fication version 1.2,level 2 revision 103[EB/OL]. , 2007.
[4]	JOHN P , LEE R B . Protecting cryptographic keys and computations via virtual secure coprocessing[A]. ACM SIGARCH Computer Architecture News[C]. 2005.
[5]	LOCASTO M E , SIDIROGLOU S , KEROMYTIS A D . Speculative virtual verification:policy-constrained speculative execution[A]. Proceedings of the New Security Paradigms Workshop (NSPW)[C]. 2005. 170-175.
[6]	BELLOVIN S , MERRITT M . Augmented encrypted key exchange:a password-based protocol secure against dictionary attacks and pass-word file compromise[A]. Proceedings of the 1st ACM Conference on Computer and Communication Security[C]. New York, 1993. 244-250.
[7]	FENG D G , XU J . A new client-to-client password-authenticated key agreement protocol[A]. Proceedings of IWCC 2009[C]. Berlin,Springer-Verlag, 2009. 63-76.
[8]	PERLMAN R , KAUFMAN C . Secure password-based protocol for downloading a private key[A]. Proc NDSS’99[C]. 1999.
[9]	GOLDREICH O , GOLDWASSER S , MICALI S . How to construct random functions[J]. ACM, 1986,33(4): 210-217.
[10]	BELLARE M . New proofs for NMAC and HMAC:security without collision-resistance[A]. CRYPTO 2006[C]. Springer Verlag, 2006. 602-619.
[11]	MACKENZIE P , REITER M . Networked cryptographic devices resilient to capture[A]. Proc IEEE Symposium on Security and Privacy[C]. Springer Verlay, 2001.
[12]	XU S , SANDHU R A . Scalable and security cryptographic service[A]. Data and Applications Security XXI[C]. Berlin,Springer Verlag, 2007. 144-160.
[13]	BELLARE M , ROGAWAY P . Random oracles are practical-a paradigm for designing efficient protocols[A]. Proceedings of the First ACM Conference on Computer and Communications Security[C]. 1993. 62-73.
[14]	BELLARE M , ROGAWAY P . The exact security of digital signatureshow to sign with rsa and rabin[A]. Proceedings of EUROCRYPT’96[C]. 1996. 399-416.

[1]	廉欢欢, 侯慧莹, 赵运磊. 后量子基于验证元的三方口令认证密钥交换协议[J]. 通信学报, 2022, 43(4): 95-106.
[2]	尹安琪, 郭渊博, 汪定, 曲彤洲, 陈琳. 可证明安全的抗量子两服务器口令认证密钥交换协议[J]. 通信学报, 2022, 43(3): 14-29.
[3]	郭渊博, 尹安琪. 基于格的口令认证密钥交换协议综述[J]. 通信学报, 2022, 43(12): 172-187.
[4]	刘镇,韩益亮,杨晓元,柳曙光. 基于RLWE的可证明安全无陷门签密方案[J]. 通信学报, 2020, 41(6): 14-25.
[5]	彭长根, 张小玉, 丁红发, 杨善慧. 基于Cocks身份密码体制的高效签密方案[J]. 通信学报, 2020, 41(12): 128-138.
[6]	田有亮,李秋贤,张铎,王琳杰. 可证明安全的理性委托计算协议[J]. 通信学报, 2019, 40(7): 135-143.
[7]	王彩芬,陈丽. 基于格的用户匿名三方口令认证密钥协商协议[J]. 通信学报, 2018, 39(2): 21-30.
[8]	王真,马兆丰,罗守山. 基于身份的移动互联网高效认证密钥协商协议[J]. 通信学报, 2017, 38(8): 19-27.
[9]	莫若,马建峰,刘西蒙,李琦. 支持树形访问结构的多权威基于属性的签名方案[J]. 通信学报, 2017, 38(7): 96-104.
[10]	李昊星,李凤华,宋承根,阎亚龙. 支持身份认证的数据持有性证明方案[J]. 通信学报, 2016, 37(10): 117-127.
[11]	张宇，杜瑞颖，陈晶，侯健，周庆，王文武. 对一个基于身份签密方案的分析与改[J]. 通信学报, 2015, 36(11): 174-179.
[12]	杜红珍,温巧燕. 改进的无证书有序多重签名方案[J]. 通信学报, 2015, 36(10): 56-61.
[13]	魏江宏，刘文芬，胡学先. 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014, 35(7): 5-45.
[14]	马海英，曾国荪，王占君，王伟. 高效可证明安全的基于属性的在线/离线加密机制[J]. 通信学报, 2014, 35(7): 13-112.
[15]	魏江宏,刘文芬,胡学先. 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014, 35(7): 38-45.

可证明安全的智能移动终端私钥保护方案

Provably secure private key protection scheme for smart mobile terminal

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 1

参考文献 14

相关文章 15

Metrics

推荐阅读 0