基于RLWE支持身份隐私保护的双向认证密钥协商协议

doi:10.11959/j.issn.1000-436x.2019218

通信学报 ›› 2019, Vol. 40 ›› Issue (11): 180-186.doi: 10.11959/j.issn.1000-436x.2019218

基于RLWE支持身份隐私保护的双向认证密钥协商协议

杨亚涛^1,²,韩新光^1,²(),黄洁润²,赵阳²

¹ 西安电子科技大学通信工程学院，陕西西安 710071
² 北京电子科技学院电子与通信工程系，北京 100070

修回日期:2019-07-27 出版日期:2019-11-25 发布日期:2019-12-06
作者简介:杨亚涛（1978– ），男，河南平顶山人，博士，北京电子科技学院副教授、硕士生导师，主要研究方向为密码学与信息安全。|韩新光（1994– ），男，陕西咸阳人，西安电子科技大学硕士生，主要研究方向为格理论与信息安全。|黄洁润（1995– ），女，江苏南通人，北京电子科技学院硕士生，主要研究方向为格密码与信息安全。|赵阳（1995– ），男，山东日照人，北京电子科技学院硕士生，主要研究方向为密码学与信息安全。
基金资助:
“十三五”国家密码发展基金资助项目(MMJJ20170110)

Bidirectional authentication key agreement protocol supporting identity’s privacy preservation based on RLWE

Yatao YANG^1,²,Xinguang HAN^1,²(),Jierun HUANG²,Yang ZHAO²

¹ School of Telecommunication Engineering,Xidian University,Xi’an 710071,China
² Department of Electronic and Communication Engineering,Beijing Electronic Science and Technology Institute,Beijing 100070,China

Revised:2019-07-27 Online:2019-11-25 Published:2019-12-06
Supported by:
State Cryptography Development Fund of Thirteen Five-Year(MMJJ20170110)

摘要/Abstract

摘要：

为了解决执行认证密钥交换协议时通信双方身份隐私保护问题，提出了一种基于C类承诺机制的抗量子攻击的双向认证密钥协商协议。该协议通过 C 类承诺函数隐藏通信双方的真实身份信息，并基于 RLWE 困难问题，在保障身份匿名的前提下，通过2轮的消息交互不仅完成了双向身份认证，而且保证了传输消息的完整性，并协商出共享会话密钥。经过分析，在协议执行效率上，完成匿名的双向认证与密钥协商只需2轮的消息传输，与 Ding等的协议对比，公钥长度缩短近 50%；在安全性上，所提协议能够抵抗伪造、重放、密钥复制和中间人攻击。所提协议在eCK模型下满足可证明安全性，同时所提协议基于格上的RLWE困难问题，可抵抗量子计算攻击。

关键词: 隐私保护, 承诺机制, 格, 双向认证, 环上误差学习问题

Abstract:

In order to solve the problem of identity privacy preservation between two participants involved when implementing authenticated key agreement protocol,a bidirectional authenticated key agreement protocol against quantum attack based on C commitment scheme was proposed.Through the design of C commitment function,the real identity information of two participants involved was hidden.Based on RLWE difficult problem,under the premise to ensure identity anonymity,this protocol not only completed two-way identity authentication,but also ensured the integrity of the transmitted message,furthermore,the shared session key was negotiated.After been analyzed,in terms of protocol’s execution efficiency,only two rounds of message transmission were needed to complete anonymous two-way authentication and key agreement in the proposed scheme.Compared with Ding’s protocol,the length of public key was reduced by nearly 50%.With regard to security,the protocol could resist forgery,replay,key-copy,and man-in-the-middle attacks.It is proved that the proposed protocol satisfies the provable security under the eCK model.At the same time,the protocol is based on the RLWE problem of lattices,and can resist quantum computing attacks.

Key words: privacy preservation, commitment mechanism, lattice, bidirectional authentication, ring learning with error

中图分类号:

TN918.4

杨亚涛,韩新光,黄洁润,赵阳. 基于RLWE支持身份隐私保护的双向认证密钥协商协议[J]. 通信学报, 2019, 40(11): 180-186.

Yatao YANG,Xinguang HAN,Jierun HUANG,Yang ZHAO. Bidirectional authentication key agreement protocol supporting identity’s privacy preservation based on RLWE[J]. Journal on Communications, 2019, 40(11): 180-186.

图/表 2

参考文献 30

[1]	DODIS Y , MIRONOV I ， STEPHENS-DAVIDOWITZ N . Message transmission with reverse firewalls-secure communication on corrupted machines[C]// Annual Cryptology Conference. Springer, 2016: 341-372.
[2]	DIFFIE W , HELLMAN M E . New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976,22(6): 644-654.
[3]	LI L H , LIN L C , HWANG M S . A remote password authentication scheme for multiserver architecture using neural networks[J]. IEEE Transactions on Neural Networks, 2001,12(6): 1498-1504.
[4]	LIU C , LIN C , HARN L ,et al. Security analysis of remote password authentication schemes for multiserver architecture using neural networks[J]. Journal of Computational ＆ Theoretical Nanoscience, 2012,7(1): 680-683.
[5]	TSAUR W J , WU C C , LEE W B . A smart card-based remote scheme for password authentication in multi-server Internet services[J]. Computer Standards ＆ Interfaces, 2004,27(1): 39-51.
[6]	JUANG W S . Efficient multi-server password authenticated key agreement using smart cards[J]. IEEE Transactions on Consumer Electronics, 2004,50(1): 251-255.
[7]	CHANG C C , LEE J S . An efficient and secure multi-server password authentication scheme using smart cards[C]// International Conference on Cyberworlds. 2004: 417-422.
[8]	REGEV O . On lattices,learning with errors,random linear codes,and cryptography[J]. Journal of the ACM, 2009,56(6): 1-40.
[9]	LIAO Y P , WANG S S . A secure dynamic ID based remote user authentication scheme for multi-server environment[J]. Computer Standards ＆ Interfaces, 2009,31(1): 24-29.
[10]	WU T Y , TSENG Y M . An efficient user authentication and key exchange protocol for mobile client-server environment[J]. Computer Networks, 2010,54(9): 1520-1530.
[11]	YOON E J , YOO K Y . A new efficient ID-based user authentication and key exchange protocol for mobile client-server environment[C]// IEEE International Conference on Wireless Information Technology ＆ Systems. IEEE, 2010: 1-4.
[12]	LYUBASHEVSKY V , PEIKERT C , REGEV O . On ideal lattices and learning with errors over rings[C]// International Conference on the Theory and Applications of Cryptographic Techniques. Springer, 2010: 1-23.
[13]	HE D B , CHEN J H , HU J . An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security[J]. Information Fusion, 2012,13(3): 223-230.
[14]	ISLAM S H , BISWAS G P . Comments on ID-based client authentication with key agreement protocol on ECC for mobile client-server environment[C]// International Conference on Advances in Computing and Communications. Springer, 2011: 628-635.
[15]	HAO F , RYAN P . J-PAKE:authenticated key exchange without PKI[J]. Transactions on Computational Science, 2010,6480: 192-206.
[16]	ZHANG J , ZHANG Z , DING J ,et al. Authenticated key exchange from ideal lattices[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2015). Berlin Heidelberg:Springer, 2015: 719-751.
[17]	姚期智, 赵运磊 . 一种高效且隐私保护的会话密钥协商方法:CN105162585A[J].(2015–12–16)[2019-01-28].
	YAO Q Z , ZHAO Y L . An efficient session key agreement method with privacy preservation:CN105162585A[J].(2015–12–16)[2019-01-28].
[18]	赵运磊, 李俊全 . 一种身份隐藏且非延展安全的认证密钥协商方法:CN105099671A[J].(2015–11–25)[2019-01-28].
	ZHAO Y L , LI J Q . An authentication key agreement method with hidden identify and non extended security:CN105099671A[J].(2015–11–25)[2019-01-28].
[19]	STEBILA D , MOSCA M . Post-quantum key exchange for the Internet and the open quantum safe project[C]// International Conference on Selected Areas in Cryptography. Berlin Heidelberg:Springer, 2016: 14-37.
[20]	李文敏, 温巧燕, 张华 . 基于验证元的三方口令认证密钥交换协议[J]. 通信学报, 2008,29(10): 149-152.
	LI W M , WEN Q Y , ZHANG H . Verifier-based password-authenticated key exchange protocol for three-party[J]. Journal on Communications, 2008,29(10): 149-152.
[21]	TSENG Y M , HUANG S S , YOU M L . Strongly secure ID-based authenticated key agreement protocol for mobile multiserver environments[J]. International Journal of Communication Systems, 2016,30(11): 1-13.
[22]	WU F , XU L L , LI X . A new chaotic map-based authentication and key agreement scheme with user anonymity for multi-server environment[C]// International Conference on Frontier Computing. Springer, 2018: 335-344.
[23]	SHARMA G , SAHU R A , KUCHTA V ,et al. Authenticated group key agreement protocol without pairing[C]// International Conference on Information and Communications Security. Springer, 2018: 606-618.
[24]	JHENG Y S , TSO R , CHEN C M ,et al. Password-based authenticated key exchange from lattices for client/server model[C]// International Conference on Ubiquitous Information Technologies and Applications. Springer, 2017: 315-319.
[25]	张宗洋 . 承诺和零知识的非延展属性研究[D]. 上海:上海交通大学, 2012.
	ZHANG Z Y . Non-malleable commitments and non-malleable zero-knowledge[D]. Shanghai:Shanghai Jiao Tong University, 2012.
[26]	MICCIANCIO D , REGEV O . Worst-case to average-case reductions based on Gaussian measures[C]// 45th Annual IEEE Symposium on Foundations of Computer Science. IEEE Computer Society, 2004: 372-381.
[27]	KATZ J , VAIKUNTANATHAN V . Smooth projective hashing and password-based authenticated key exchange from lattices[C]// 15th International Conference on the Theory and Application of Cryptology and Information Security. Springer, 2009: 636-652.
[28]	DING J , ALSAYIGH S , LANCRENON J ,et al. Provably secure password authenticated key exchange based on RLWE for the post-quantum world[C]// RSA Conference Cryptographers’ Track 2017. Springer, 2017: 183-204.
[29]	杨晓燕, 侯孟波, 魏晓超 . 基于验证元的三方口令认证密钥交换协议[J]. 计算机研究与发展, 2016,53(10): 2230-2238.
	YANG X Y , HOU M B , WEI X C . Verifier-based three-party password authenticated key exchange protocol[J]. Journal of Computer Research＆ Development, 2016,53(10): 2230-2238.
[30]	王彩芬, 陈丽 . 基于格的用户匿名三方口令认证密钥协商协议[J]. 通信学报, 2018,39(2): 21-30.
	WANG C F , CHEN L . Three-party password authenticated key agreement protocol with user anonymity based on lattice[J]. Journal on Communications, 2018,39(2): 21-30.

协议	用户匿名性	双向认证	消息完整性验证	抵抗不可测字典攻击	困难假设	运算方法	公钥长度/bit	消息传输轮数/轮
文献[27]方案	否	否	—	否	LWE	矩阵运算	(2n+1)lgq	3
文献[16]方案	否	是	—	是	RLWE	环运算	(2n+1)lgq	2
文献[28]方案	否	是	—	是	RLWE	环运算	2nlgq	2、3
文献[29]方案	否	是	—	是	ASPH	环运算	(2n+1)lgq	4
文献[30]方案	是	是	—	是	RLWE	环运算	2nlgq	3
文献[24]方案	否	是	否	是	RLWE	环运算	nlgq	2
本文方案	是	是	是	是	RLWE	环运算	nlgq	2

基于RLWE支持身份隐私保护的双向认证密钥协商协议

Bidirectional authentication key agreement protocol supporting identity’s privacy preservation based on RLWE

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 30

相关文章 15

Metrics

推荐阅读 0

[1]	马鑫迪, 李清华, 姜奇, 马卓, 高胜, 田有亮, 马建峰. 面向Non-IID数据的拜占庭鲁棒联邦学习[J]. 通信学报, 2023, 44(6): 138-153.
[2]	陈晓玉, 孙连峰, 张钇涵. 具有大零相关区宽度的Ⅱ型偶长Z-互补对构造方法[J]. 通信学报, 2023, 44(6): 167-174.
[3]	冯涛, 陈李秋, 方君丽, 石建明. 基于本地化差分隐私和属性基可搜索加密的区块链数据共享方案[J]. 通信学报, 2023, 44(5): 224-233.
[4]	夏莹杰, 朱思雨, 刘雪娇. 区块链架构下具有条件隐私的车辆编队跨信任域高效群组认证研究[J]. 通信学报, 2023, 44(4): 111-123.
[5]	胡柏吉, 张晓娟, 李元诚, 赖荣鑫. 支持多功能的V2G网络隐私保护数据聚合方案[J]. 通信学报, 2023, 44(4): 187-200.
[6]	徐明, 张保俊, 伍益明, 应晨铎, 郑宁. 面向网络攻击和隐私保护的多智能体系统分布式共识算法[J]. 通信学报, 2023, 44(3): 117-127.
[7]	余晟兴, 陈钟. 基于同态加密的高效安全联邦学习聚合框架[J]. 通信学报, 2023, 44(1): 14-28.
[8]	张学旺, 黎志鸿, 林金朝. 基于公平盲签名和分级加密的联盟链隐私保护方案[J]. 通信学报, 2022, 43(8): 131-141.
[9]	王振宇, 郭阳, 李少青, 侯申, 邓丁. 面向轻量级物联网设备的高效匿名身份认证协议设计[J]. 通信学报, 2022, 43(7): 49-61.
[10]	廉欢欢, 侯慧莹, 赵运磊. 后量子基于验证元的三方口令认证密钥交换协议[J]. 通信学报, 2022, 43(4): 95-106.
[11]	王继锋, 王国峰. 边缘计算模式下密文搜索与共享技术研究[J]. 通信学报, 2022, 43(4): 227-238.
[12]	封化民, 史瑞, 袁峰, 李艳俊, 杨旸. 高效的强隐私保护和可转让的属性票据方案[J]. 通信学报, 2022, 43(3): 63-75.
[13]	曹阳, 钟烨, 彭醇陵, 彭小峰. 基于混合供能和能量协作的异构网络能量效率优化算法[J]. 通信学报, 2022, 43(3): 135-147.
[14]	毛伊敏, 甘德瑾, 廖列法, 陈志刚. 基于Spark框架和ASPSO的并行划分聚类算法[J]. 通信学报, 2022, 43(3): 148-163.
[15]	郭渊博, 尹安琪. 基于格的口令认证密钥交换协议综述[J]. 通信学报, 2022, 43(12): 172-187.