| 移动漫游中强安全的两方匿名认证密钥协商方案 |
| |
| 引用本文: | 陈明.移动漫游中强安全的两方匿名认证密钥协商方案[J].电子学报,2019,47(1):16-24. |
| |
| 作者姓名: | 陈明 |
| |
| 作者单位: | 宜春学院数学与计算机科学学院,江西宜春,336000 |
| |
| 基金项目: | 国家自然科学基金;江西省教育厅科学技术研究项目 |
| |
| 摘 要: | 由于低功耗的移动设备计算和存储能力较低,设计一种高效且强安全的两方匿名漫游认证与密钥协商方案是一项挑战性的工作.现有方案不仅计算开销较高,而且不能抵抗临时秘密泄露攻击.针对这两点不足,提出一种新的两方匿名漫游认证与密钥协商方案.在新方案中,基于Schnorr签名机制,设计了一种高效的基于身份签密算法,利用签密的特性实现实体的相互认证和不可追踪;利用认证双方的公私钥直接构造了一个计算Diffie-Hellman(Computational Diffie-Hellman,CDH)问题实例,能抵抗临时秘密泄露攻击.新方案实现了可证明安全,在eCK(extended Canetti-Krawczyk)模型基础上,探讨两方漫游认证密钥协商方案安全证明过程中可能出现的情形,进行归纳和拓展,并给出新方案的安全性证明,其安全性被规约为多项式时间敌手求解椭圆曲线上的CDH问题.对比分析表明:新方案安全性更强,需要实现的算法库更少,计算和通信开销较低.新方案可应用于移动通信网络、物联网或泛在网络,为资源约束型移动终端提供漫游接入服务.
|
| 关 键 词: | 认证密钥协商 移动漫游服务 基于身份密码体制 计算Diffie-Hellman问题 扩展的CK模型 |
| 收稿时间: | 2016-06-13 |
Strongly Secure and Anonymous Two-Party Authenticated Key Agreement for Mobile Roaming Service |
| |
| CHEN Ming.Strongly Secure and Anonymous Two-Party Authenticated Key Agreement for Mobile Roaming Service[J].Acta Electronica Sinica,2019,47(1):16-24. |
| |
| Authors: | CHEN Ming |
| |
| Affiliation: | School of Mathematics and Computer Science, Yichun University, Yichun, Jiangxi 336000, China |
| |
| Abstract: | As mobile devices usually have limited computing and storage resources,it is difficult to develop an anonymous two-party authentication scheme possessing performance efficiency and strong security simultaneously.The existing two-party authenticated key agreement schemes for roaming service do not resist the attack of ephemeral secrets reveal,and have high computation costs.Therefore,a new anonymous two-party authenticated key agreement scheme for roaming service was proposed in this paper,in which an efficiency identity-based signcryption scheme was adopted to achieve mutual authentication and unlinkability.The identity-based signcryption scheme is based on the Schnorr signature scheme,a very efficient elliptic curve digital signature algorithm,which greatly reduce the total computation cost during one authentication session in comparison with existing authentication schemes.Furthermore,to achieve the security of the ephemeral secrets reveal resistance in the new authentication scheme,we constructed a computational Diffie-Hellman problem instance that required two participants to compute a value by combining its own private key with its peer's public key,respectively.We extended the eCK model to model the two-party authenticated key agreement schemes for roaming service,discussed the distinction between the security game of authenticated key agreement schemes for mobile roaming service and the general one,and demonstrated that the new scheme was provably secure in the extended eCK model.The conclusion indicates that the security of the new scheme can be reduced to solve the computational Diffie-Hellman problem on an elliptic curve over finite field by a polynomial-time adversary.Comparative analysis shows that our scheme has stronger security,needs less cryptography library,and has lower computing and communication overheads.The new scheme can be used to provide secure roaming authentication for resource constrained mobile terminals in global mobility networks,Internet of things or ubiquitous networks. |
| |
| Keywords: | authenticated key agreement mobile roaming service identity-based cryptography computational Diffie-Hellman problem eCK (extended Canetti-Krawczyk) model |
| 本文献已被 万方数据 等数据库收录! |
| 点击此处可从《电子学报》浏览原始摘要信息 |
|
点击此处可从《电子学报》下载全文 |
|
