一种无证书的移动Ad hoc网络密钥管理方案

结合无证书签密协议,提出一种分级移动Adhoc网络密钥管理方案。该方案不需要公钥证书,用户自己生成公钥,有效地降低了用户终端计算、存储能力的需求和系统密钥管理的通信开销;同时密钥生成中心为用户生成部分私钥,解决了基于身份密码体制中的密钥托管问题;分级的结构将网上节点分成一些相对独立的自治域,既提高了安全服务的可用性和可扩充性,也便于对某些紧急情况快速做出反应。     

可认证的无证书密钥协商协议

无证书公钥密码体制能有效地克服基于身份密码体制中密钥托管的限制,结合基于身份密码体制和可认证密钥协商的优点,提出了一个新的可认证无证书密钥协商协议。经过分析,该协议不仅满足一般密钥协商的安全特性,而且与已有的密钥协商相比,具有更少的对数运算。     

一种轻量级基于证书的认证密钥协商方案

认证密钥协议对于在公共网络上安全通信至关重要,它使通信方能够在恶意攻击者当前安全地设置共享会话密钥.基于证书的密码学(CBC)很好地解决了传统公钥密码体制中的证书撤销问题、基于身份的密码体制中的密钥托管问题和无证书密码体制中安全信道建立困难问题.现有的基于证书认证密钥协商方案大多都采用了昂贵的双线性配对,不适合计算资源有限的移动设备.本文设计了一种轻量级的基于证书的AKA协议,该协议用假名技术实现用户身份匿名.该协议提供了前向保密,抵抗中间人攻击,重放攻击等安全性分析.与以往基于证书的AKA协议相比,该协议在计算效率上具有明显的优势.     

无线自组网中有效的证密钥协商方案

在Diffie-Hellman密钥交换算法和基于身份的密码体制基础上,提出一种适用于无线自组网的认证密钥协商方案。该方案利用分布的多项式秘密共享的思想,实现PKG分布化和网络中节点公私钥的生成。通过随机数认证和基于身份的签名以及DH密钥协商算法实现认证密钥协商。该方案II3E与DH算法相结合,具有基于身份的密码体制低存储量和通信量的优点,同时认证密钥协商后的通信均可采用对称密码算法来有效降低计算量,节省网络资源。理论分析证明本方案是安全的。     

网络查询系统中认证协议的设计与分析

针对网络查询系统的背景和需求,基于公钥密码体制设计了一个端端密钥分发协议,基于对称密码体制设计了一个身份认证协议,并利用改进后的BAN逻辑对身份认证协议进行了分析,证明了其安全性。     

一个安全的两方认证密钥协商协议简

在不安全的通信环境中,如何安全有效地保障用户之间信息的传递是一个倍受关注的问题。认证密钥协商协议是解决该问题方法之一。基于李发根等人的签密方案,提出了一个安全的两方认证密钥协商协议。方案的安全性分析表明,该协议不仅具有传统的基于身份的密码方案的核心功能,而且还很好地消除了基于身份密码方案中存在的密钥托管问题。     

基于分层身份的网络密钥协商协议

为保证开放网络环境下的安全通信,在现有基于身份密码体制的基础上,提出一种新的基于分层身份的网络密钥协商协议.新协议满足所有密钥协商的安全属性,计算效率全面领先目前已有协议,能够有效地解决传统公钥系统需要进行证书传递和验证的问题,且能满足大规模网络应用的需求.     

基于椭圆曲线密码体制的可认证的密钥协商设计与分析

椭圆曲线密码体制以其密钥短、安全强度高、速度快等优越性被广泛用于进行构建数字签名和用户身份认证方案.同样,它也可以用来构建密钥交换协议.Diffie-Hellman密钥协商协议对来自中间人的攻击是脆弱的.基于椭圆曲线离散对数难解性, 利用椭圆曲线密码体制的数字签名方案,提出了基于身份认证的密钥协商协议.该协议提供身份认证、密钥确认、完美前向安全性, 并能够防止中间人攻击.     

一种基于身份的车载自组网认证机制

针对车载自组网（VANET）的安全特性,采用基于身份的密码学算法、分布式秘密共享算法和XTR公钥密码体制,实现安全高效的车辆节点认证。在使用Lagrange插值公式实现分布式的系统主密钥的基础上,基于XTR体制中的迹运算实现安全的分布式节点密钥签发;简单讨论了XTR密码体制下基于身份的数字签名算法;同时,引入信誉值的概念来查找和剔除网络中的恶意节点。通过算法安全性和效率分析,该机制适用于分布式的车辆移动网络环境。     

基于身份的无可信中心Ad-hoc密钥管理方案

针对移动Ad-hoc网络中迫切需要解决的安全问题是建立一个安全、高效、可行的密钥管理系统,提出了一种基于身份无可信中心的适合于Ad-hoc网络密钥管理方案,有效地解决了节点间的信任问题及基于身份密码体制的密钥托管问题,并给出了一种可以为用户在线周期性更新密钥机制。最后证明了所得用户公钥与用户身份的绑定及用户私钥的安全性。     

可证明安全的基于身份的认证密钥协商协议

提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标.     

Securing Mobile Ad Hoc Networks with Certificateless Public Keys

This paper studies key management, a fundamental problem in securing mobile ad hoc networks (MANETs). We present IKM, an ID-based key management scheme as a novel combination of ID-based and threshold cryptography. IKM is a certificateless solution in that public keys of mobile nodes are directly derivable from their known IDs plus some common information. It thus eliminates the need for certificate-based authenticated public-key distribution indispensable in conventional public-key management schemes. IKM features a novel construction method of ID-based public/private keys, which not only ensures high-level tolerance to node compromise, but also enables efficient network-wide key update via a single broadcast message. We also provide general guidelines about how to choose the secret-sharing parameters used with threshold cryptography to meet desirable levels of security and robustness. The advantages of IKM over conventional certificate-based solutions are justified through extensive simulations. Since most MANET security mechanisms thus far involve the heavy use of certificates, we believe that our findings open a new avenue towards more effective and efficient security design for MANETs     

An efficient ID-based cryptographic encryption based on discrete logarithm problem and integer factorization problem

ID-based encryption (identity-based) is a very useful tool in cryptography. It has many potential applications. The security of traditional ID-based encryption scheme wholly depends on the security of secret keys. Exposure of secret keys requires reissuing all previously assigned encryptions. This limitation becomes more obvious today as key exposure is more common with increasing use of mobile and unprotected devices. Under this background, mitigating the damage of key exposure in ID-based encryption is an important problem. To deal with this problem, we propose to integrate forward security into ID-based encryption. In this paper, we propose a new construction of ID-based encryption scheme based on integer factorization problem and discrete logarithm problem is semantically secure against chosen plaintext attack (CPA) in random oracle model. We demonstrate that our scheme outperforms the other existing schemes in terms of security, computational cost and the length of public key.     

SDSR——Ad hoc网络中安全的动态源路由协议*

首先回顾了Ad hoc安全路由协议的研究现状,然后对于DSR协议给出一种安全路由协议SDSR。利用基于身份的密码体制节点可以非交互地共享一对称密钥,邻居节点使用该密钥进行预认证生成会话密钥。路由发现过程中采用对称密钥算法进行逐跳加密和认证,可以阻止非法节点参与路由过程,而且具有较高的效率。     

移动IP中基于随机数的认证注册协议

在基于身份公钥系统的基础上,给出新的注册协议。用各实体产生的随机数来计算会话密钥,避免了在无线链路上传输会话密钥,安全的实现了MN,FA及HA三者间的密钥分配。用公钥算法对实体进行认证,并且同时对实体所收发的随机数进行比较,实现了对实体的二次认证。对协议的安全性分析表明其能满足安全通信的条件。     

Integrating identity-based and certificate-based authenticated key exchange protocols

Key establishment is becoming a widely deployed cryptographic primitive. As such, there has been extensive research on designing algorithms that produce shared secret keys. These protocols require parties to either hold certificates or rely on identity (ID)-based primitives to achieve authentication. Chain and cross certifications allow users trusting different certification authorities to interact. Similarly, there are methods to extend ID-based solutions across multiple key generation centers (KGC). However, there has been no dedicated work on interoperability between the two settings. A straightforward solution would require each user to maintain certificates and ID-based static keys to accommodate all peers. The cost of maintaining many secret keys; matching keys with protocols; and preventing undesired interference would arguably make such a solution impractical. In this work, we offer an alternative where a user needs to keep a single static key pair and can subsequently engage in a session key establishment with peers holding certificates or identity-based keys. Thus, the proposed solution has none of disadvantages of maintaining multiple static private keys.     

一种有效的基于身份的两方密钥交换协议

基于身份的密钥交换协议通过协议参与者的身份信息来建立会话密钥。文章基于计算离散对数困难问题,提出一种基于身份的两方密钥交换协议,并对协议的效率和安全性进行了分析。分析表明,所提出的协议具有较好的运行效率,能满足两方密钥交换协议的安全属性要求。     

Identity-based signature scheme based on quadratic residues

Identity-based(ID-based)cryptography has drawn great concerns in recent years,and most of ID-based schemes are constructed from bilinear parings.Therefore,ID-based scheme without pairing is of great interest in the field of cryptography.Up to now, there still remains a challenge to construct ID-based signature scheme from quadratic residues.Thus,we aim to meet this challenge by proposing a concrete scheme.In this paper,we first introduce the technique of how to calculate a 2lth root of a quadratic residue,and then give a concrete ID-based signature scheme using such technique. We also prove that our scheme is chosen message and ID secure in the random oracle model,assuming the hardness of factoring.     

An efficient identity-based key exchange protocol with KGS forward secrecy for low-power devices

For an ID-based key exchange (KE) protocol, KGS forward secrecy is about the protection of previously established session keys after the master secret key of the Key Generation Server (KGS) is compromised. This is the strongest notion of forward secrecy that one can provide for an ID-based KE protocol. Among all the comparable protocols, there are only a few of them that provide this level of forward secrecy, and all of these protocols require expensive bilinear pairing operations and map-to-point hash operations that may not be suitable for implementation on low-power devices such as sensors. In this paper, we propose a new ID-based KE protocol which does not need any pairing or map-to-point hash operations. It also supports the strongest KGS forward secrecy. On its performance, we show that it is faster than previously proposed protocols in this category. Our protocol is a signature-based one, in which the signature scheme is a variant of a scheme proposed by Bellare et al. in Eurocrypt 2004. We show that the variant we proposed is secure, and also requires either less storage space or runtime computation than the original scheme.