Similar literature
 Found 20 similar documents; search time 31 ms
1.
In quantum key distribution (QKD), information-theoretically secure authentication is necessary to guarantee the integrity and authenticity of the information exchanged over the classical channel. In order to reduce the key consumption, the authentication scheme with key recycling (KR), in which a secret but fixed hash function is used for multiple messages while each tag is encrypted with a one-time pad (OTP), is preferred in QKD. Based on the assumption that the OTP key is perfect, the security of the authentication scheme has been proved. However, the OTP key of authentication in a practical QKD system is not perfect. How the imperfect OTP affects the security of the authentication scheme with KR is analyzed thoroughly in this paper. In a practical QKD, the information of the OTP key resulting from QKD is partially leaked to the adversary. Although the information leakage is usually so small as to be neglected, it leads to increasingly degraded security of the authentication scheme as the system runs continuously. Both our theoretical analysis and simulation results demonstrate that the security level of the authentication scheme with KR, mainly indicated by its substitution probability, degrades exponentially in the number of rounds and gradually diminishes to zero.

2.
Identity theft is the most recurrent twenty-first century cybercrime. Thus, authentication is of utmost significance as the number of hackers who seek to intrude into legitimate users' accounts to obtain sensitive information is increasing. Identity based authentication operates to corroborate the identity of the user so that only the legitimate user gets access to the service. This paper proposes a quantum identity based authentication and key agreement scheme for cloud server architecture. Quantum cryptography based on the laws of quantum physics is a vital technology for securing privacy and confidentiality in the field of network security. A formal security analysis has been performed using the AVISPA tool that confirms the security of the proposed scheme. The security analysis of the proposed protocol proves that it is robust against all security attacks. To confirm applicability of quantum key distribution in cloud computing, a practical long-distance entanglement-based QKD experiment has been proposed. This experiment confirms successful generation of shifted keys over distance of 100 km of optical fiber with a key rate of 4.11 bit/s and an error rate of 9.21 %.

3.
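Research on identity authentication schemes based on Chebyshev polynomials   Total citations: 2, self-citations: 0, citations by others: 2
Because of their good one-way property and semigroup property, Chebyshev polynomials over finite fields are widely used in public-key cryptographic algorithms, key agreement and identity authentication schemes. Existing identity authentication schemes based on Chebyshev polynomials are analyzed with respect to security, and a new identity authentication scheme is proposed. A study of its performance shows that the new scheme is secure and effective.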

4.
The main threats for the well-known Bennett–Brassard 1984 (BB84) practical quantum key distribution (QKD) systems are that their encoding is inaccurate and the measurement device may be vulnerable to particular attacks. Thus, a general physical model or security proof to tackle these loopholes simultaneously and quantitatively is highly desired. Here we give a framework on the security of BB84 when imperfect qubit encoding and vulnerability of the measurement device are both considered. In our analysis, the potential attacks on the measurement device are generalized by the recently proposed weak randomness model, which assumes the input random numbers are partially biased depending on a hidden variable planted by an eavesdropper. The inevitable encoding inaccuracy is also introduced here. From a fundamental view, our work reveals the potential information leakage due to encoding inaccuracy and weak randomness input. For applications, our result can be viewed as a useful tool to quantitatively evaluate the security of a practical QKD system.

5.
Even though unconditional security of the B92 quantum key distribution (QKD) system is based on the assumption of perfect positive-operator-valued measures, practical B92 systems only utilize two projective measurements. Unfortunately, such an implementation may degrade the security of the B92 QKD system due to Eve’s potential attack exploiting the imperfection of the system. In this paper, we propose an advanced attack strategy with an unambiguous state discrimination (USD) measurement which makes practical B92 QKD systems insecure even under a lossless channel. In addition, we propose an effective countermeasure against the advanced USD attack model by monitoring double-click events. We further address a fundamental approach to make the B92 QKD system tolerable to attack strategies with USD measurements using a multi-qubit scheme.

6.
Automotive cyber physical systems (CPSs) are ever more utilizing wireless technology for V2X communication as a potential way out for challenges regarding collision detection, wire strap up troubles and collision avoidance. However, security is constrained as a result of the energy and performance limitations of modern wireless systems. Accordingly, the need for an efficient secret key generation and management mechanism for secured communication among computationally weak wireless devices has motivated the introduction of new authentication protocols. Recently, there has been a great interest in physical layer based secret key generation schemes utilizing channel reciprocity. Consequently, it is observed that the sequences generated by two communicating parties contain mismatched bits which need to be reconciled by exchanging information over a public channel. This can be an immense security threat as it may let an adversary attain and recover segments of the key in known channel conditions. We proposed a Hopper-Blum based physical layer (HB-PL) authentication scheme in which an enhanced physical layer key generation method integrates the Hopper-Blum (HB) authentication protocol. The information collected from the shared channel is used as secret keys for the HB protocol and the mismatched bits are used as the induced noise for the learning parity with noise (LPN) problem. The proposed scheme aims to provide a way out for the bit reconciliation process without leakage of information over a public channel. Moreover, the HB protocol is computationally efficient and simple, which helps to reduce the number of exchange messages during the authentication process. We have performed several experiments which show that our proposed design can generate secret keys with improved security strength and high performance in comparison to the current authentication techniques. Our scheme requires less than 55 exchange messages to achieve more than 95% of correct authentication.

7.
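According to the characteristics of private networks, the BB84 quantum key distribution protocol is improved and a BB84-PN protocol suited to private networks is proposed. The protocol improves security through identity authentication and quantum physical properties. In addition, by negotiating the rules for transmitting quantum keys during communication, it effectively improves transmission efficiency.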

8.
Quantum key distribution (QKD) technology provides proven unconditional point-to-point security based on fundamental quantum physics. A QKD network also holds promise for secure multi-user communications over long distances at high-speed transmission rates. Although many schemes have been proposed so far, the trusted relay QKD network is still the most practical and flexible scenario. In reality, the insecurity of certain relay sections cannot be ignored, so to solve the fatal security problems of partially-trusted relay networks we suggest a multiple stochastic paths scheme. Its features are: (i) a safe probability model that may be more practical for real applications; (ii) a multi-path scheme with an upper bound for the overall safe probability; (iii) an adaptive stochastic routing algorithm to generate sufficient different paths and hidden routes. Simulation results for a typical partially-trusted relay QKD network show that this generalized scheme is effective. Supported by the National Fundamental Research Program of China (Grant No. 2006CB921900), the National Natural Science Foundation of China (Grant Nos. 60537020 and 60621064), the Knowledge Innovation Project of the Chinese Academy of Sciences, and the Chinese Academy of Sciences International Partnership Project

9.
Usually, a shared reference frame is indispensable for practical quantum key distribution (QKD) systems. As a result, most QKD systems need active alignment of the reference frame due to the unknown and slow variations of the reference frame introduced by the environment. Quite interestingly, reference-frame-independent (RFI) QKD can generate secret-key bits without alignment of the reference frame. However, RFI QKD may still be vulnerable to detector side channel attacks. Here, we propose a new RFI QKD protocol, in which all detector side channels are removed. Furthermore, our protocol can still tolerate unknown and slow variation of the reference frame without active alignment. A numerical simulation shows that long security distance is probable in this protocol.

10.
Preservation of security is an essential requirement in vehicular ad hoc networks (VANETs) as vehicular communication is vulnerable to attacks. Attackers may exploit VANETs to send bogus information to deceive other vehicles which leads to serious issues. In this paper, we describe an advanced Secure scheme based on Clustering and Key Distribution (SCKD) among members and cluster-heads in VANET. The SCKD is a coordination based algorithm in which nodes are located within different clusters and their cluster heads are chosen from trusty nodes. For a secure end-to-end communication, our scheme deploys the proxy signature, blind proxy signature, hashed message authentication code, and symmetric cryptography. Results show that our scheme preserves security requirements including authentication, confidentiality, data-integrity, non-repudiation, and unforgeability. Since the cost and time computation of key generation and distribution decreases by SCKD compared with other algorithms, our algorithm will be applicable for VANETs.

11.
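Existing RFID authentication protocols use shared keys whose initial values are set in advance, so an attacker can obtain the key by some means and thereby obtain private information related to the tag. To address this problem, a tag-ID-based wireless key generation algorithm is proposed, which avoids presetting the shared key. Before authentication, the tag and the reader dynamically generate the shared key using the proposed algorithm, which resolves the security risk described above. A comprehensive security analysis shows that the algorithm not only solves the shared-key leakage problem but also reduces the cost of the tag.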

12.
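To address the high computational overhead of group key agreement protocols for wireless sensor networks (WSNs), a certificateless group key agreement protocol that does not use bilinear pairings is proposed. In the system initialization phase, the key generation center of the certificateless cryptosystem generates partial private keys for the nodes, and each node produces its private key by multiplying its secret value by the corresponding partial key. In the node authentication phase, the protocol provides a node authentication mechanism based on point multiplication on elliptic curves, using point multiplication of a node's partial private key and a temporary public key carrying identity information to determine the node's identity. In the session key generation phase, the session key is generated by point multiplication in order to reduce the nodes' computational overhead. Finally, the computational and communication overheads of the protocol are analyzed. The results show that the proposed group key agreement protocol guarantees the security of communication among group nodes and effectively reduces the computational overhead of that communication.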

13.
Information-theoretically secure (ITS) authentication is needed in quantum key distribution (QKD). In this paper, we study security of an ITS authentication scheme proposed by Wegman & Carter, in the case of partially known authentication key. This scheme uses a new authentication key in each authentication attempt, to select a hash function from an Almost Strongly Universal\(_2\) hash function family. The partial knowledge of the attacker is measured as the trace distance between the authentication key distribution and the uniform distribution; this is the usual measure in QKD. We provide direct proofs of security of the scheme, when using partially known key, first in the information-theoretic setting and then in terms of witness indistinguishability as used in the universal composability (UC) framework. We find that if the authentication procedure has a failure probability \(\varepsilon\) and the authentication key has an \(\varepsilon'\) trace distance to the uniform, then under ITS, the adversary’s success probability conditioned on an authentic message-tag pair is only bounded by \(\varepsilon + |\mathcal{T}|\varepsilon'\), where \(|\mathcal{T}|\) is the size of the set of tags. Furthermore, the trace distance between the authentication key distribution and the uniform increases to \(|\mathcal{T}|\varepsilon'\) after having seen an authentic message-tag pair. Despite this, we are able to prove directly that the authenticated channel is indistinguishable from an (ideal) authentic channel (the desired functionality), except with probability less than \(\varepsilon + \varepsilon'\). This proves that the scheme is (\(\varepsilon + \varepsilon'\))-UC-secure, without using the composability theorem.

14.
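Based on the difficulty of computing discrete logarithms over finite fields, a new security protocol for identity authentication and key agreement, PJY, is proposed. The PJY security protocol verifies the identities of both communicating parties in two handshakes and at the same time produces matching session keys. The correctness of the protocol is analyzed using the strand space model: by constructing a penetrator strand space model and applying authentication tests, it is proved that the PJY security protocol provides injective agreement and confidentiality under any attack strand pattern, which proves the correctness of the PJY security protocol.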

15.
Key integrity checking is a necessary process in practical quantum key distribution (QKD) to check whether any error bit has escaped the previous error correction procedure. The traditional single-hash method may become a bottleneck in high-speed QKD since it has to discard all the key bits even if just one error bit exists. In this paper, we propose an improved scheme using combinatorial group testing (CGT) based on strong selective family design to verify key integrity in fine granularity and consequently improve the total efficiency of key generation after the error correction procedure. Code shortening technique and parallel computing are also applied to enhance the scheme’s flexibility and to accelerate the computation. Experimental results show that the scheme can identify the rare error bits precisely and thus avoid dropping the great majority of correct bits, while the overhead is reasonable. For a $2^{20}$-bit key, the disclosed information for public comparison is 800 bits (about 0.076 % of the key bits), reducing 256 bits when compared with the previous CGT scheme. Besides, with an Intel® quad-core CPU at 3.40 GHz and 8 GB RAM, the computational times are 3.0 and 6.3 ms for hashing and decoding, respectively, which are reasonable in real applications and will not cause significant latency in practical QKD systems.

16.
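Access security and data confidentiality are the two most important factors in the security and privacy of wireless networks. However, identity authentication and secure communication methods based on computational security face great challenges in future information systems. At the same time, physical-layer security based on information-theoretic security opens up new approaches to identity authentication and secure communication. This paper surveys recent research progress on physical-layer security methods based on device and channel characteristics. Using the characteristics of wireless communication devices and channels, device identification and authentication as well as key distribution and update can be realized at the physical layer, with both a high degree of security and ease of use. Among these, device fingerprinting methods extract features of the transmitting device from the transmitted signal and use them as a unique identifier of the device, so that individual emitters can be accurately distinguished. The uniqueness, robustness, long-term invariance, independence, uniformity and portability of fingerprints are the basis of device-fingerprint identity authentication. Key generation methods based on channel characteristics extract the parameters of the reciprocal uplink and downlink channels from the received radio-frequency signal and convert them into a symmetric key, achieving secure one-time-pad transmission. Likewise, the consistency, randomness and resistance to eavesdropping of the keys are the key factors reflecting the performance of wireless channel key generation methods. This paper summarizes and analyzes the key factors of device fingerprints and channel keys and points out several categories of difficult problems that currently exist. Finally, it discusses new application scenarios of this technology in future mobile communications.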

17.
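Secure access authentication scheme for mobile IPv6 networks   Total citations: 1, self-citations: 0, citations by others: 1
Zhang Zhi (张志), Cui Guohua (崔国华). Computer Science (《计算机科学》), 2009, 36(12): 26-31
For mobile IPv6 networks, identity authentication is one of the key issues of network security. For access authentication in mobile IPv6 networks, a mutual authentication scheme based on the mobile Internet is proposed. For access authentication and home registration during mobile handover, the home registration message is signed using a dual-private-key signature, so that the home agent and the mobile node each sign the registration message, access authentication and home registration are executed concurrently, and a single interaction between the mobile user and the access network achieves effective mutual authentication between the user and the access domain. Theoretical analysis and data results show that the total authentication delay and handover delay of the scheme are better than those of traditional methods, effectively reducing the system's authentication delay. Security analysis shows that the dual-private-key CPK scheme in the framework satisfies the security of mutual access authentication and effectively solves the key escrow problem.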

18.
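With the continuing spread of computer networks and smart terminal applications, especially the rapid spread of online finance and QR codes, information security problems are becoming increasingly prominent. This paper studies the symmetric encryption algorithm Data Encryption Standard (DES), and mainly studies the public key infrastructure (PKI), a third-party platform that ensures the security of information in transit and is mainly responsible for issuing certificates bearing the CA center's digital signature and for managing the public and private keys required by the RSA algorithm. Several asymmetric encryption algorithms are studied and their performance is analyzed. The focus is on the elliptic curve discrete logarithm algorithm over finite fields in CEE and on the RSA asymmetric encryption algorithm; a scheme of encrypting with the private key and decrypting with the public key is proposed to solve the problem of verifying the authenticity of information, that is, identity authentication. RSA public key generation and the encryption and decryption of information are implemented in code, mainly an RSA key generator module, an encryption module and a decryption module; a graphical interface for encryption and decryption is designed, and encryption of file paths and of whole files is completed. Experimental results show that the feasibility and security of the RSA algorithm are relatively high.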

19.
Spread of wireless network technology has opened new doors to utilize sensor technology in various areas via Wireless Sensor Networks (WSNs). Many authentication protocols among the service seeker users, sensing component sensor nodes (SNs) and the service provider base-station or gateway node (GWN) are available to realize services from WSNs efficiently and without any fear of deceit. Recently, Li et al. and He et al. independently proposed mutual authentication and key agreement schemes for WSNs. We find that both the schemes achieve mutual authentication, establish session key and resist many known attacks but still have security weaknesses. We show the applicability of stolen verifier, user impersonation, password guessing and smart card loss attacks on Li et al.’s scheme. Although their scheme employs the feature of dynamic identity, an attacker can reveal and guess the identity of a registered user. We demonstrate the susceptibility of He et al.’s scheme to password guessing attack. In both the schemes, the security of the session key established between user and SNs is imperfect due to lack of forward secrecy and session-specific temporary information leakage attack. In addition, both the schemes impose extra computational load on resource scanty sensor-nodes and are not user friendly due to absence of user anonymity and lack of password change facility. To handle these drawbacks, we design a mutual authentication and key agreement scheme for WSN using chaotic maps. To the best of our knowledge, we are the first to propose an authentication scheme for WSN based on chaotic maps. We show the superiority of the proposed scheme over its predecessor schemes by means of detailed security analysis and comparative evaluation. We also formally analyze our scheme using BAN logic.

20.
We propose a four-state quantum key distribution (QKD) scheme using generalized measurement of nonorthogonal states, the maximum mutual information measurement strategy. Then, we analyze the eavesdropping process in intercept–resend and photon number splitting attack scenes. Our analysis shows that in the intercept–resend and photon number splitting attack eavesdropping scenes, our scheme is more secure than BB84 protocol and has higher key generation rate which may be applied to high-density QKD.
