移动自组网椭圆曲线门限签名加密算法安全性分析

移动自组网是一种新型的无线移动网络,安全性是限制其广泛应用的主要瓶颈.引入了一种适合于移动自组网的椭圆曲线门限签名加密方案,该方案不但能保证数据通信的私密性、完整性以及移动节点的安全认证,而且具有通信代价小、低运算复杂度以及健壮性等优点.     

移动自组网中基于动态第三方的可信公平非抵赖协议

由于移动自组网Manet(Mobile Ad-hoc Networks)是一个无中心的网络且不存在值得信任的结点,传统的公平非抵赖协议因需要一个固定可信第三方TTP(Trusted Third Party)而不足以保证Manet的高效性和安全性.本文在可信平台模块TPM(Trusted Platform Module)的安全体系结构基础上提出了一种Manet中基于动态第三方的可信公平非抵赖协议,以取代固定TTP,提高协议效率,并运用TPM完整性度量技术和DAA(Direct Anonymous Attestation)远程认证技术,保证证据可信.最后利用Event B对该协议进行形式化建模,证明其有效性和公平性.     

标准模型下基于认证的混合加密算法

为了构建一个较公钥基础设施(PKI)要求更为简单的公钥密码系统,Gentry提出了基于认证的公钥加密方案.在基于认证的公钥加密方案中,第三方对认证申请者的公钥或身份进行签名,并将该签名作为认证发送给申请者,申请者保留认证作为解密时的部分私钥.接收方对密文解密需要同时拥有第三方对其公钥的认证和接收方公钥对应的私钥,因而基于认证的加密方案同时具备基于身份加密方案中公钥的可认证性和传统公钥加密方案中私钥的免撤销性.基于Gentry身份加密算法提出一种高效、短公钥的基于认证的混合加密算法,新算法能在标准(非随机预言机)模型下被证明抗适应性选择密文攻击.     

移动计算中基于椭圆曲线的匿名签名算法

移动代码(例如移动代理)在异地执行签名时往往不希望暴露其所有者的私有密钥,本文提出了一种基于椭圆曲线的移动代码匿名签名算法,依据该算法,移动代码所有者可以利用椭圆曲线根据自己的身份信息为移动代码生成一个认证矢量和一个临时性密钥对,并通过它们实现了移动代码匿名签名以及签名后的不可否认性.该算法除具有匿名性和不可否认性以外,还具有高效性、保密性和不可伪造性等特点,可广泛应用于各种具有代码移动特性的移动计算.     

基于ECC和ID签名的WSN广播快速认证方案

广播认证是无线传感器网络(WSN)的一种基本安全服务,针对现有认证方案的计算量大、认证速度慢等问题,提出一种基于椭圆曲线加密(ECC)和身份(ID)签名的WSN广播快速认证方案.对现有EIBAS签名认证方案进行改进,通过节点间的合作,共享中间计算结果来减少邻居节点的计算量,以此提高认证速度,减少能量消耗.同时,提出一种安全机制,通过对多个邻居共享数据的对比来抵御恶意节点的攻击.实验结果表明,该方案相对于传统的椭圆曲线加密算法能够提高约42％的签名认证速度,降低约36％的能耗,大大延长网络生命周期.     

基于认证的高效公钥加密算法

 2003年,Gentry提出基于认证的公钥加密方案.在基于认证的公钥加密方案中,第三方对认证申请者的公钥和/或身份进行签名,并将签名作为认证发送给申请者,申请者保存该认证作为解密时的部分私钥.接收方对密文解密需要同时拥有第三方对其公钥和/或身份的认证和接收方公钥对应的私钥,因此基于认证的加密方案同时具备基于身份加密方案的公钥可认证性和传统公钥方案中的私钥免撤销性.本文提出一种高效、紧凑的基于认证的公钥混合加密算法,新算法能在非随机预言机模型下被证明满足选择密文攻击安全.     

基于修正EIGamal签名的移动用户认证方案

本文根据L.Harn提出的修正EIGamal签名方案和Rabin公钥加密体制,提出了数字移动通信网中一种高效的认证与密钥分配方案.与[6]的方案相比,新方案具有以下改进(1)由于采用了修正EIGamal签名方案,用户在预备阶段的计算量有所降低.(2)在实时呼叫建立阶段,网络的计算负荷有所减少.(3)方案中没有采用单钥体制,因此降低了方案实现时的成本.分析结果表明,该方案不仅具有较低的计算复杂度,而且具有很高的安全性.     

基于修正ElGamal签名的移动用户认证方案

本文根据L.Harn提出的修正ElGamal签名方案和Rabin公钥加密体制,提出了数字移动通信网中一种高效的认证与密钥分配方案。与[6]的方案相比,新方案具有以下改进:(1)由于采用了修正ElGamal签名方案,用户在预备阶段的计算量有所降低。(2)在实时呼叫建立阶段,网络的计算负荷有所减少。(3)方案中没有采用单钥体制,因此降低了方案实现时的成本。分析结果表明,该方案不仅具有较低的计算复杂度,而且具有很高的安全性。     

安全的两方协作SM2签名算法

在签名算法中,一旦签名私钥被窃取,敌手就可以随意伪造合法用户的签名,从而致使合法用户的权益受到侵害.为了降低签名私钥泄露的风险,本文提出了一种安全的两方协作SM2数字签名算法,该算法将签名私钥拆分成两个部分,分别交由两方来保管,通过采用零知识证明、比特承诺、同态加密等密码学技术保证了只有合法的通信双方才能安全地协作产生完整的SM2签名,任何一方都不能单独恢复出完整的签名私钥,方案的安全性在通用可组合安全框架下被证明,与已有的SM2协作签名方案相比,本文方案具有交互次数少、协作签名效率高等优势.     

无线网络中基于无证书聚合签名的高效匿名漫游认证方案

针对无线移动网络漫游认证中的隐私保护需求,提出了新的匿名漫游认证方案。引入在线离线签名技术,并巧妙结合聚合验证方法,设计了一个无证书聚合签名方案。与相关方案相比,该签名方案降低了签名和验证过程的计算开销,提高了通信效率。继而,基于该签名方案,提出了一种新型高效的匿名漫游认证方案,简化了传统的三方漫游认证模型。理论分析结果表明,该方案安全、有效,特别适用于大规模无线移动网络。     

移动漫游中强安全的两方匿名认证密钥协商方案

由于低功耗的移动设备计算和存储能力较低,设计一种高效且强安全的两方匿名漫游认证与密钥协商方案是一项挑战性的工作.现有方案不仅计算开销较高,而且不能抵抗临时秘密泄露攻击.针对这两点不足,提出一种新的两方匿名漫游认证与密钥协商方案.在新方案中,基于Schnorr签名机制,设计了一种高效的基于身份签密算法,利用签密的特性实现实体的相互认证和不可追踪;利用认证双方的公私钥直接构造了一个计算Diffie-Hellman（Computational Diffie-Hellman,CDH）问题实例,能抵抗临时秘密泄露攻击.新方案实现了可证明安全,在eCK（extended Canetti-Krawczyk）模型基础上,探讨两方漫游认证密钥协商方案安全证明过程中可能出现的情形,进行归纳和拓展,并给出新方案的安全性证明,其安全性被规约为多项式时间敌手求解椭圆曲线上的CDH问题.对比分析表明：新方案安全性更强,需要实现的算法库更少,计算和通信开销较低.新方案可应用于移动通信网络、物联网或泛在网络,为资源约束型移动终端提供漫游接入服务.     

基于代理签名的移动通信网络匿名漫游认证协议

随着无线移动终端的广泛应用,漫游认证、身份保密等问题显得日益突出。该文分析了现有的各种漫游认证协议在匿名性及安全性上存在的问题,指出现有协议都无法同时满足移动终端的完全匿名与访问网络对非法认证请求的过滤,进而针对性地提出了一种新的匿名认证协议。该协议基于椭圆曲线加密和代理签名机制,通过让部分移动终端随机共享代理签名密钥对的方式,实现了完全匿名和非法认证请求过滤。此外,协议运用反向密钥链实现了快速重认证。通过分析比较以及形式化验证工具AVISPA验证表明,新协议实现了完全匿名,对非法认证请求的过滤,双向认证和会话密钥的安全分发,提高了安全性,降低了计算负载,适用于能源受限的移动终端。     

基于分布式密钥共享的UWSN安全分簇方案

针对无照料的无线传感网（UWSN, unattended wireless sensor network）收集效率和安全问题,提出一种安全的UWSN分簇方案,实现了一种三角形网格图的网络拓扑分簇算法,并可完成簇头对移动节点的认证。该方案利用三角形的性质提高了网络的连通度,折中数据收集效率与能耗;将分布式密钥共享方案与分簇算法无缝结合,在网络中高效地搜索移动节点公钥信息,从而在本地不存有对应公钥信息的情况下验证签名信息。实验结果表明,该算法在节点密度越大的情况下分簇越趋近于正三角形网格图,且分簇后的网络对于低于20%节点变节有95%以上概率抵御攻击。     

An efficient two‐party authentication key exchange protocol for mobile environment

The primary goal of this research is to ensure secure communications by client‐server architectures in mobile environment. Although various two‐party authentication key exchange protocols are proposed and claimed to be resistant to a variety of attacks, studies have shown that various loopholes exist in these protocols. What's more, many two‐party authentication key exchange protocols use timestamp to prevent the replay attack and transmit the user's identity in plaintext form. Obviously, these methods will lead to the clock synchronization problem and user's anonymity problem. Fortunately, the three‐way challenged‐response handshake technique and masking user's original identity with a secret hash value used in our study address these problems well. Of course, the proposed protocol based on elliptic curve cryptography supports flawless mutual authentication of participants, agreement of session key, impersonation attack resistance, replay attack resistance, and prefect forward secrecy, as well. The analyses in the aspects of efficiency and security show that the proposed protocol is a better choice for mobile users.     

A privacy‐preserving biometrics based authenticated key agreement scheme using ECC

To ensure secure communication over the insecure public network, this work presents a privacy‐preserving biometrics‐based authenticated key agreement scheme using elliptic curve cryptography, making full use of the advantages that the biometrics can be used to uniquely identify a particular human, and the elliptic curve cryptography can provide the same level security with far less key size compared with other public key cryptography. The proposed scheme realizes the mutual authentication of participants, session key agreement, and various security properties and also can resist kinds of known attacks. Moreover, the proposed scheme has perfect user experience in the aspect of changing password by not interacting with the server. In addition, the security features of our new designed scheme are formally proved under the widely used BPR adversary model. Therefore, from the viewpoint of the authors, the proposed scheme can be considered as the authenticated key agreement scheme for mobile users.     

Securing Mobile Ad Hoc Networks Using Enhanced Identity‐Based Cryptography

Recent developments in identity‐based cryptography (IBC) have provided new solutions to problems related to the security of mobile ad hoc networks (MANETs). Although many proposals to solve problems related to the security of MANETs are suggested by the research community, there is no one solution that fits all. The interdependency cycle between secure routing and security services makes the use of IBC in MANETs very challenging. In this paper, two novel methods are proposed to eliminate the need for this cycle. One of these methods utilizes a key pool to secure routes for the distribution of cryptographic materials, while the other adopts a pairing‐based key agreement method. Furthermore, our proposed methods utilize threshold cryptography for shared secret and private key generation to eliminate the “single point of failure” and distribute cryptographic services among network nodes. These characteristics guarantee high levels of availability and scalability for the proposed methods. To illustrate the effectiveness and capabilities of the proposed methods, they are simulated and compared against the performance of existing methods.     

Grid authentication from identity-based cryptography without random oracles

As a critical component of grid security, secure and efficient grid authentication needs to be well addressed. However, the most widely accepted and applied grid authentication is based on public key infrastructure （PKI） and X.509 certificates, which make the system have low processing efficiency and poor anti-attack capability. To accommodate the challenge of grid authentication, this article aims at designing a secure and efficient method for grid authentication by employing identity-based cryptography （IBC）. Motivated by a recently proposed secure and efficient identity-based encryption （IBE） scheme without random oracles, an identity-based signature （IBS） scheme is first proposed for the generation of private key during grid authentication. Based on the proposed IBS and the former IBE schemes, the structure of a novel grid authentication model is given, followed by a grid authentication protocol described in detail. According to the theoretical analysis of the model and the protocol, it can be argued that the new system has improved both the security and efficiency of the grid authentication when compared with the traditional PKI-based and some current IBC-based models.     

通信信息加/解密研究进展

密码技术是信息安全的核心技术。如今,计算机网络环境下信息的保密性、完整性、可用性和抗抵赖性,都需要采用密码技术来解决。密码体制大体分为对称密码（又称为私钥密码）和非对称密码（又称为公钥密码）两种。公钥密码在信息安全中担负起密钥协商、数字签名、消息认证等重要角色,已成为最核心的密码。又有一些新的密码算法不断的出现,在不同的信息领域扮演着重要的角色。     

Secure interconnection protocol for integrated Internet and ad hoc networks

Integration of ad hoc networks with the Internet provides global Internet connectivity for ad hoc hosts through the coordination of mobile IP and ad hoc protocols. In a pure ad hoc network, it is difficult to establish trust relationship between two ad hoc hosts due to lack of infrastructure or centralized administration. In this paper, an infrastructure‐supported and distributed authentication protocol is proposed to enhance trust relationships amongst ad hoc hosts. In addition, an effective secure routing protocol (SRP) is discussed to protect the multi‐hop route for Internet and ad hoc communication. In the integrated ad hoc networks with Internet accessibility, the ad hoc routing security deployed with the help of infrastructure has a fundamental impact on ad hoc hosts in term of Internet access, integrity, and authentication. Both analysis and simulation results demonstrate the effectiveness of the proposed security protocol. Copyright © 2007 John Wiley & Sons, Ltd.     

Threshold cryptography in mobile ad hoc networks under minimal topology and setup assumptions

Mobile Ad Hoc Networks (MANET), due to their lack of physical infrastructures or centralized online authorities, pose a number of security challenges to a protocol designer. In particular, several typical application scenarios demand the design of protocols that cannot base their security on the existence of trusted parties or setup information, but rather need to leverage uniquely on assumptions limiting the corrupting power of the adversaries. This naturally defines security design and analysis paradigms similar to those of the threshold cryptography area, where it is typically assumed that an adversary can corrupt up to a limited amount of entities or resources. Therefore a secure realization of primitives from threshold cryptography in MANET promises to be applicable to several MANET protocols. However, directly applying known threshold cryptography solutions for wired network into MANETs faces serious challenges. In particular, we noted a major design difficulty due to the lack of full network connectivity that significantly constrained the network topology assumptions under which a MANET threshold signature scheme can be proved secure. In this paper we formalize, investigate and present a new MANET threshold signature scheme that is secure under significantly improved topology and setup assumptions. Surprisingly, we break through an apparent barrier due to well-known results from the distributed computing area.