通用可组合安全的Internet密钥交换协议

通过对新一代Internet密钥交换协议(IKEv2)进行分析，指出了其初始交换过程中存在发起者身份暴露和认证失败问题．而在无线接入网络环境下，对发起者身份等敏感信息进行主动保护是十分必要的．提出了一种适用于无线网络环境下的Internet密钥交换协议，该协议让响应者显式地证明自己的真实身份，实现了对发起者主动身份保护．并通过重新构造认证载荷，有效防止了认证失败问题．在通用可组合安全模型下，证明了该协议达到了通用可组合安全．性能分析和仿真实验表明，该协议具有较少的计算量和通信量．

Universally composable secure Internet key exchange protocol

The new Internet key exchange protocol (IKEv2) is analyzed, and it is found that the protocol can not achieve active identity protection to the initiator and has the security flaw of authentication failure in its initial exchange. However, it is necessary to protect the identity information to the initiator under the environment of a wireless access network. In this paper, a novel key exchange protocol for the wireless network based on IKEv2 initial exchange is proposed, which realizes active identity protection to the initiator by the responder explicitly proving his true identity, and achieves successful authentication by reconstructing the authentication payload. With the Universally Composable (UC) security model, this new protocol is analyzed in detail, with the analytical results showing that it affords provably UC security. Performance analysis and simulation results show that the proposed protocol has less computation and communication overhead.