| 基于属性的多授权中心身份认证方案 |
| |
| 引用本文: | 唐飞,包佳立,黄永洪,黄东,王惠莅.基于属性的多授权中心身份认证方案[J].通信学报,2021(3):220-228. |
| |
| 作者姓名: | 唐飞 包佳立 黄永洪 黄东 王惠莅 |
| |
| 作者单位: | 重庆邮电大学计算机科学与技术学院;重庆邮电大学网络空间安全与信息法学院;重庆机电职业技术大学信息工程学院;中国电子技术标准化研究院信息安全研究中心;西安电子科技大学综合业务网理论及关键技术国家重点实验室 |
| |
| 基金项目: | 国家重点研发计划基金资助项目(No.2018YFB0803905);国家自然科学基金资助项目(No.61702067);重庆市自然科学基金资助项目(No.cstc2017jcyjAX0201,No.cstc2020jcyj-msxmX0343)。 |
| |
| 摘 要: | 针对现有的基于属性的身份认证方案均是基于单授权中心实现的,存在密钥托管问题,即密钥生成中心知道所有用户的私钥,提出了一种基于属性的多授权中心的身份认证方案。所提方案结合分布式密钥生成技术实现用户属性私钥的(t,n)门限生成机制,可以抵抗最多来自t-1个授权中心的合谋攻击。利用双线性映射构造了所提方案,分析了所提方案的安全性、计算开销和通信开销,并与同类型方案做比较。最后,以多因子身份认证为例,分析了所提方案在电子凭据应用场景中的可行性。分析结果表明,所提方案具有更优的综合性能。
|
| 关 键 词: | 身份认证 属性密码 多授权中心 分布式密钥生成 |
Multi-authority attribute-based identification scheme |
| |
| TANG Fei,BAO Jiali,HUANG Yonghong,HUANG Dong,WANG Huili.Multi-authority attribute-based identification scheme[J].Journal on Communications,2021(3):220-228. |
| |
| Authors: | TANG Fei BAO Jiali HUANG Yonghong HUANG Dong WANG Huili |
| |
| Affiliation: | (College of Computer Science and Technology,Chongqing University of Posts and Telecommunications,Chongqing 400065,China;School of Cyber Security and Information Law,Chongqing University of Posts and Telecommunications,Chongqing 400065,China;Information Engineering Institute,Chongqing Vocational and Technical University of Mechatronics,Chongqing 402760,China;Information Security Research Center,China Electronic Technology Standardization Institute,Beijing 100076,China;State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China) |
| |
| Abstract: | Based on the problem that the existing attribute-based identification scheme is all based on one single authority,which has a key escrow problem,that is,the key generation center knows all users’private keys,an multi-authority attribute-based identification scheme was proposed.Distributed key generation technology was integrated to realize the(t,n)threshold generation mechanism of the user’s private key,which could resist collusion attacks from at most t-1 authorities.Utilizing bilinear mapping,a specific multi-authority attribute-based identification scheme was constructed.The security,computation cost and communication cost of the proposed scheme was analyzed,and it was compared with the same type of schemes.Finally,taking multi-factor identification as an example,the feasibility of the proposed scheme in the application scenario of electronic credentials was analyzed.The result shows that the proposed scheme has better comprehensive performance. |
| |
| Keywords: | identification attribute-based cryptography multi-authority distributed key generation |
| 本文献已被 维普 等数据库收录! |
|
