共查询到19条相似文献,搜索用时 93 毫秒
1.
基于层级化身份的可证明安全的认证密钥协商协议 总被引:1,自引:0,他引:1
目前基于身份的认证密钥协商协议均以单个私钥生成器(PKG)为可信第三方,但这种系统结构难以满足身份分层注册与认证需求。该文以基于层级化身份的加密(HIBE)系统为基础重构了私钥的组成元素,并利用椭圆曲线乘法循环群上的双线性映射提出一个基于层级化身份的认证密钥协商协议,为隶属于不同层级的云实体提供了安全的会话密钥协商机制。基于CDH(Computational Diffie-Hellman)与GDH(Gap Diffie-Hellman)假设,该文证明了新协议在eCK模型下具有已知密钥安全性、前向安全性和PKG前向安全性,并且能够抵抗基于密钥泄露的伪装攻击。 相似文献
2.
为解决发送者和接收者都具有匿名性的基于属性签密方案中密钥泄露的问题,将密钥隔离机制引入到基于属性签密方案中,给出了基于属性密钥隔离签密的形式化定义和安全模型,构建了随机预言模型下安全的基于属性的密钥隔离签密方案。改进后的方案不仅没有失去原有的双向匿名性,而且满足前向安全性和后向安全性的要求,减轻了密钥泄露带来的危害。最后在安全模型的基础上,给出了双向匿名的基于属性的密钥隔离签密的机密性、认证性和匿名性的安全性证明。 相似文献
3.
4.
针对目前车联网认证密钥协商协议效率低下以及车辆公私钥频繁更新的问题,提出一个基于无证书聚合签名的车联网匿名认证与密钥协商协议.本方案通过引入临时身份和预签名机制实现对车辆的隐私保护以及匿名认证,同时通过构建临时身份索引数据库,实现可信中心对可疑车辆的事后追查,满足车辆的条件匿名性要求.此外,本方案中车辆的公私钥不随其临时身份动态改变,有效避免了已有方案公私钥频繁更新带来的系统开销.同时,为了提供高效的批量认证,采用无双线性对的聚合签名技术,实现了车辆签名的动态聚合和转发,有效降低了签名传递的通信量和云服务器的验证开销.本文方案在eCK模型和CDH问题假设下被证明是形式化安全的. 相似文献
5.
6.
基于证书的密码体制在继承传统公钥基础设施和身份基密码体制优势的同时,避免了证书管理和密钥托管等不足.为了向基于证书的密钥封装机制提供匿名性和抗泄露攻击的能力,本文提出具有多接收者的抗泄露匿名密钥封装机制的形式化定义及抵抗泄露攻击的安全模型,并给出具体的实例化构造;同时基于判定的Diffie-Hellman假设的困难性,对上述实例泄露容忍的选择明文攻击安全性进行了证明.与现有相关构造相比,本文方案不仅具有匿名性、泄露容忍性和多接收者等更优的性能,而且当为多个用户生成封装密钥时具有更优的计算效率. 相似文献
7.
Joux提出的三方密钥协商方案虽然简洁、高效,但不能抵抗中间人攻击。基于无证书公钥密码体制,提出一种新的无证书可认证多方密钥协商方案,新方案将Joux的三方协议拓展至多方,并且具有认证功能。由于新方案中所用的签名为短签名,所以整个认证过程计算效率较高,另外,新方案还具有简单证书管理、无密钥托管的优点,新方案满足无密钥控制、抗中间人的主动攻击、前向安全性和抗密钥泄露伪装攻击等多种安全特性。 相似文献
8.
9.
一种故障容忍的可证安全组密钥协商协议 总被引:1,自引:0,他引:1
对Burmester等人提出的非认证组密钥协商协议的安全性进行了深入分析,指出该协议不能抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.提出了一种故障容忍的组密钥协商(FT-GKA)协议,FT-GKA协议在密钥协商过程中加入了消息正确性的认证机制,该机制利用数字签名技术检测组内恶意节点,并在驱逐恶意节点后保证组内诚实节点能计算出正确的会话密钥,解决了Burmester等人提出协议中存在的内部恶意节点攻击问题.并证明提出的协议在DDH假设下能抵抗敌手的被动攻击,在DL假设和随机预言模型下能够抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.理论分析与实验测试表明,提出的协议具有较高的通信轮效率和较低的计算开销. 相似文献
10.
11.
Liting Lei Wenfang Zhang Yu Wang Xiaomin Wang 《International Journal of Communication Systems》2019,32(12)
Nowadays, seamless roaming service in heterogeneous wireless networks attracts more and more attention. When a mobile user roams into a foreign domain, the process of secure handover authentication and key exchange (AKE) plays an important role to verify the authenticity and establish a secure communication between the user and the access point. Meanwhile, to prevent the user's current location and moving history information from being tracked, privacy preservation should be also considered. However, existing handover AKE schemes have more or less defects in security aspects or efficiency. In this paper, a secure pairing‐free identity‐based handover AKE protocol with privacy preservation is proposed. In our scheme, users' temporary identities will be used to conceal their real identities during the handover process, and the foreign server can verify the legitimacy of the user with the home server's assistance. Besides, to resist ephemeral private key leakage attack, the session key is generated from the static private keys and the ephemeral private keys together. Security analysis shows that our protocol is provably secure in extended Canetti‐Krawczyk (eCK) model under the computational Diffie‐Hellman (CDH) assumption and can capture desirable security properties including key‐compromise impersonation resistance, ephemeral secrets reveal resistance, strong anonymity, etc. Furthermore, the efficiency of our identity‐based protocol is improved by removing pairings, which not only simplifies the complex management of public key infrastructure (PKI) but also reduces the computation overhead of ID‐based cryptosystem with pairings. It is shown that our proposed handover AKE protocol provides better security assurance and higher computational efficiency for roaming authentication in heterogeneous wireless networks. 相似文献
12.
Current identity-based (ID) cryptosystem lacks the mechanisms of two-party authentication and user's private key distribution. Some ID-based signcryption schemes and ID-based authenticated key agreement protocols have been presented, but they cannot solve the problem completely. A novel ID-based authentication scheme based on ID-based encrypfion (IBE) and fingerprint hashing method is proposed to solve the difficulties in the IBE scheme, which includes message receiver authenticating the sender, the trusted authority (TA) authenticating the users and transmitting the private key to them. Furthermore, the scheme extends the application of fingerprint authentication from terminal to network and protects against fingerprint data fabrication. The fingerprint authentication method consists of two factors. This method combines a token key, for example, the USB key, with the user's fingerprint hash by mixing a pseudo-random number with the fingerprint feature. The security and experimental efficiency meet the requirements of practical applications. 相似文献
13.
SK Hafizul Islam 《Wireless Personal Communications》2014,79(3):1975-1991
In mobile multi-server authentication, a client can access different servers over an insecure channel like Internet and wireless networks for numerous online applications. In the literature, several multi-server authentication schemes for mobile clients have been devised. However, most of them are insecure against ephemeral secret leakage (ESL) attack and other vulnerabilities. For mutual authentication and key agreement, mobile client and server used ephemeral secrets (random numbers) and leakage of these secrets may be possible in practice. Since these are generated by an external source that may be controlled by an adversary. Also they are generally pre-computed and stored in insecure devices. Thus, if the secrets are leaked then the session key would turn out to be known and the private keys of client and server may be compromised from the eavesdropped messages. This phenomenon is called ESL attack. To defeat the weaknesses, in this paper, we design an ESL attack-free identity-based mutual authentication and key agreement scheme for mobile multi-server environment. The proposed scheme is analyzed and proven to be provably secure in the random oracle model under the Computational Diffie–Hellman assumption. 相似文献
14.
目前大部分基于身份的三方认证密钥协商协议都存在安全缺陷,文中在Xu等人提出的加密方案的基础上,设计了一种基于身份的三方认证密钥协商协议.该协议的安全性建立在BDDH假设基础上,经安全性分析,协议具有已知密钥安全,PKG前向安全,并能抵抗未知密钥共享攻击和密钥泄露伪装攻击,因此该协议是一个安全的三方密钥协商协议. 相似文献
15.
Certificateless aggregate signature (CLAS) schemes have been widely applied in resource-constrained wireless mobile networks,because they could not only realize batch validation but also solve the certificate management and key escrow problems.It was shown that a certificateless aggregate signature in an anonymous roaming authentication scheme was vulnerable to the signature forge attack.To address the issue,a new secure and efficient certificateless aggregate signature scheme was presented,which required no bilinear pairing operations.And then the security of the scheme under the ECDLP assumption in the random oracle model was proved.Finally the performance of proposed scheme was evaluated.Compared with the original scheme,the proposal is more secure and the total computational cost is greatly reduced . 相似文献
16.
New multiparty authentication services and key agreement protocols 总被引:13,自引:0,他引:13
Ateniese G. Steiner M. Tsudik G. 《Selected Areas in Communications, IEEE Journal on》2000,18(4):628-639
Many modern computing environments involve dynamic peer groups. Distributed simulation, multiuser games, conferencing applications, and replicated servers are just a few examples. Given the openness of today's networks, communication among peers (group members) must be secure and, at the same time, efficient. This paper studies the problem of authenticated key agreement in dynamic peer groups with the emphasis on efficient and provably secure key authentication, key confirmation, and integrity. It begins by considering two-party authenticated key agreement and extends the results to group Diffie-Hellman (1976) key agreement. In the process, some new security properties (unique to groups) are encountered and discussed 相似文献
17.
Cheng Xiangguo Liu Jingmei Guo Lifeng Wang Xinmei 《电子科学学刊(英文版)》2006,23(4):569-573
I. Introduction A multisignature allows any subgroup of a given group of potential signers to jointly sign a message such that a verifier is convinced that each member of the subgroup participated in signing. An aggre-gate signature, recently proposed by Boneh et al.[1], however, is a scheme that allows n members of a given group of potential signers to sign n different messages and all these signatures can be aggregated into a single signature. This single signature will convince the verifie… 相似文献
18.