会话密钥协商协议研究进展
|
摘要
会话密钥协商协议是在不可信网络中实现安全的信息交换的有效解决方法。通过对会话密钥协商协议相关的安全属性、可证明安全理论及协议分类进行说明。阐述双方会话密钥协商协议与群密钥协商协议的研究现状。将近年来的典型方案在计算开销、交互轮数、安全属性、安全模型等方面进行对比分析。给出会话密钥协商协议设计的基本原则并指明了未来的研究方向。
Session key agreement protocol is one of the effective solutions to secure information exchange in untrusted networks. This paper explains the security attribute of the session key agreement protocol,provable security theory and protocol classification; presents current status of the two-party session key agreement protocol and group key agreement protocol; compares and analyzes the typical schemes in recent years in terms of computational overhead,interactive rounds,security attributes and security model; points out that basic design principles and the future research direction of the session key agreement.
Session key agreement protocol is one of the effective solutions to secure information exchange in untrusted networks. This paper explains the security attribute of the session key agreement protocol,provable security theory and protocol classification; presents current status of the two-party session key agreement protocol and group key agreement protocol; compares and analyzes the typical schemes in recent years in terms of computational overhead,interactive rounds,security attributes and security model; points out that basic design principles and the future research direction of the session key agreement.
引文
[1]Sun H M,He B Z,Chen C M,etal.A provable authenticated group key agreement protocol for mobile environment[J].Information Sciences,2015,321:224-237.
[2]Luo M,Zhang Y,Khan M K,etal.An efficient chaosbased 2-party key agreement protocol with provable security:Two-party Key Agreement Protocol[J].International Journal of Communication Systems,2017,30(14):e3288.
[3]Xu D,Zhang S,Chen J,etal.A provably secure anonymous mutual authentication scheme with key agreement for SIP using ECC[J].Peer-to-Peer Networking and Applications,2017(1):1-11.
[4]王圣宝,曹珍富,董晓蕾.标准模型下可证安全的身份基认证密钥协商协议[J].计算机学报,2007,30(10):1842-1852.
[5]高志刚,冯登国.高效的标准模型下基于身份认证密钥协商协议[J].软件学报,2011,22(5):1031-1040.
[6]H9lbl M,Welzer T,Brumen B.An improved two-party identity-based authenticated key agreement protocol using pairings[J].Journal of Computer&System Sciences,2012,78(1):142-150.
[7]Bellare M,Rogaway P.Random oracles are practical[C]//The 1st ACM Conference on Computer and Communication Security.New York:ACM Press,1993:62-73.
[8]Xie M,Wang L.One-round identity-based key exchange with Perfect Forward Security[J].Information Processing Letters,2012,112(14-15):587-591.
[9]Cao X,Kou W,Du X.A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges[J].Information Sciences,2010,180(15):2895-2903.
[10]Canetti R,Goldreich O,Halevi S.The random oracle methodology,revisited(preliminary version)[J].Journal of the Acm,2000,51(4):557-594.
[11]高海英.可证明安全的基于身份的认证密钥协商协议[J].计算机研究与发展,2012,49(8):1685-1689.
[12]陈明.标准模型下可托管的基于身份认证密钥协商[J].电子学报,2015,43 (10):1954-1962.
[13]Diffie W,Hellman M E.New directions in cryptography[J].IEEE Transactions on Information Theory,1976,22(6):644-654.
[14]Shamir A.Identity-based cryptosystems and signature schemes[C]//Proceedings of the C RYPTO'84,Lecture Notes in Computer Science 196.Berlin:Springer-Verlag,1984:47-53.
[15]Islam S H,Biswas G P.An improved pairing-free identitybased authenticated key agreement protocol based on ECC[J].Procedia Engineering,2012,30(4):499-507.
[16]Galindo D,Garcia F D.A Schnorr-Like Lightweight Identity-Based Signature Scheme[C]//Progress in CryptologyAFRICACRYPT 2009,Second International Conference on Cryptology in Africa,Gammarth,Tunisia,June 21-25,2009.Proceedings.2009:135-148.
[17]Ran C,Krawczyk H.Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels[J].Lecture Notes in Computer Science,2001,2045:453-474.
[18]Ghoreishi S M,Abd Razak S,Isnin I F,et al.New secure identity-based and certificateless authenticated Key Agreement protocols without pairings[C]//Biometrics and Security Technologies(ISBAST),2014 International Symposium on.IEEE,2015:188-192.
[19]Ghoreishi S M,Isnin I F,Abd Razak S,et al.Secure and authenticated key agreement protocol with minimal complexity of operations in the context of identity-based cryptosystems[C]//International Conference on Computer,Communications,and Control Technology.IEEE,2015.
[20]Smart N P.Identity-based authenticated key agreement protocol based on Weil pairing[J].Electronics Letters,2002,38(13):630-632.
[21]Boneh D,Franklin M K.Identity-Based Encryption from the Weil Pairing[C]//International Cryptology Conference on Advances in Cryptology.Springer-Verlag,2001:213-229.
[22]Shim K.Efficient ID-based authenticated key agreement protocol based on Weil pairing[J].Electronics Letters,2003,39(8):653-654.
[23]Mccullagh N,Barreto P S L M.A new two-party identitybased authenticated key agreement[C]//International Conference on Topics in Cryptology.Springer-Verlag,2005:262-274.
[24]Gentry C.Practical identity-based encryption without random oracles[J].Lecture Notes in Computer Science,2006,4004:445-464.
[25]Liu Z H,Ma H.New two-party identity-based authenticated key agreement protocol without random oracles[C]//Proceedings of the 4th International Conference on Information Security and Cryptology.Beijing:Science Press,2009.78-91.
[26]Chen L,Cheng Z,Smart N P.Identity-based key agreement protocols from pairings[J].International Journal of Information Security,2003,20(4 ):219-233.
[27]李娜,董云卫,车天伟,等.可认证无证书密钥协商协议研究与改进[J].武汉大学学报(工学版),2017,50(1):146-149.
[28]Zhang F,Liu S,Kim K.ID-based one round authenticated tripartite key agreement protocol with pairings[DB].2002,oai:Cite Seer X.psu:10.1.1.79.2509.
[29]Shi Y,Chen G,Li J.ID-based one round authenticated group key agreement protocol with bilinear pairings[C]//International Conference on Information Technology:Coding and Computing.2005,1:757-761.
[30]He Y Z,Han Z.An Efficient authenticated group key agreement protocol[C]//Proc of the 41st Annual IEEE Int Carnahan Conf on Security Technology.Piscataway,NJ:IEEE,2007:250-254.
[31]Yao G,Wang H,Jiang Q.An authenticated 3-round identity-based group key agreement protocol[C]//International Conference on Availability.IEEE Computer Society,2008:538-543.
[32]Yuan W,Hu L,Li H,et al.Analysis of an Authenticated3 -Round Identity-Based Group Key Agreement Protocol[M]//Computer,Informatics,Cybernetics and Applications.Springer Netherlands,2012:889-896.
[33]Zhou L,Susilo W,Mu Y.Efficient ID-Based authenticated group key agreement from bilinear pairings[C]//Mobile Ad-hoc and Sensor Networks,Second International Conference,MSN 2006,Hong Kong,China,December 13-15,2006,Proceedings.2006:521-532.
[34]Teng J K,Wu C K,Tang C M,et al.A strongly secure identity-based authenticated group key exchange protocol[J].Science China Information Sciences,2015,58(9):1-12.
[35]Zhao J J,Gu D W,Gorantla M C.Stronger security model of group key agreement[C]//Proceedings of 6th ACM Symposium on Information,Computer and Communications Security,Hongkong,2011:435-440.
[36]陈勇,何明星,曾晟珂,等.两轮次的可否认的群密钥协商协议[J].密码学报,2016,3(2):137-146.
[37]Teng J K,Wu C K,Tang C M.An ID-based authenticated dynamic group key agreement with optimal round[J].Science China Information Sciences,2012,55(11):2542-2554.
[38]Wu T Y,Tsai T T,Tseng Y M.A provably secure revocable ID-based authenticated group key exchange protocol with identifying malicious participants[J].Informatica,2014,2014(3):29-42.
[39]Wu Q,Mu Y,Susilo W,et al.Asymmetric group key agreement[C]//Advances in Cryptology-EUROCRYPT2009,International Conference on the Theory and Applications of Cryptographic Techniques,Cologne,Germany,April26-30,2009.Proceedings.2009:153-170.
[40]Zhang L,Wu Q,Qin B,et al.Identity-Based authenticated asymmetric group key agreement protocol[J].Journal of Computer Research&Development,2014,6196(19):510-519.
[41]Zhang L,Wu Q,Qin B,et al.Asymmetric group key agreement protocol for open networks and its application to broadcast encryption[J].Computer Networks,2011,55(15):3246-3255.
[41]Wei G,Yang X,Shao J.Efficient certificateless authenticated asymmetric group key agreement protocol[J].Ksii Transactions on Internet&Information Systems,2012,6(12):3352-3365.
[43]张启坤,王锐芳,谭毓安.基于身份的可认证非对称群组密钥协商协议[J].计算机研究与发展,2014,51(8):1727-1738.
[44]陈若昕,陈杰,张跃宇,等.无证书非对称群密钥协商协议[J].密码学报,2016,3(4):382-398.
[2]Luo M,Zhang Y,Khan M K,etal.An efficient chaosbased 2-party key agreement protocol with provable security:Two-party Key Agreement Protocol[J].International Journal of Communication Systems,2017,30(14):e3288.
[3]Xu D,Zhang S,Chen J,etal.A provably secure anonymous mutual authentication scheme with key agreement for SIP using ECC[J].Peer-to-Peer Networking and Applications,2017(1):1-11.
[4]王圣宝,曹珍富,董晓蕾.标准模型下可证安全的身份基认证密钥协商协议[J].计算机学报,2007,30(10):1842-1852.
[5]高志刚,冯登国.高效的标准模型下基于身份认证密钥协商协议[J].软件学报,2011,22(5):1031-1040.
[6]H9lbl M,Welzer T,Brumen B.An improved two-party identity-based authenticated key agreement protocol using pairings[J].Journal of Computer&System Sciences,2012,78(1):142-150.
[7]Bellare M,Rogaway P.Random oracles are practical[C]//The 1st ACM Conference on Computer and Communication Security.New York:ACM Press,1993:62-73.
[8]Xie M,Wang L.One-round identity-based key exchange with Perfect Forward Security[J].Information Processing Letters,2012,112(14-15):587-591.
[9]Cao X,Kou W,Du X.A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges[J].Information Sciences,2010,180(15):2895-2903.
[10]Canetti R,Goldreich O,Halevi S.The random oracle methodology,revisited(preliminary version)[J].Journal of the Acm,2000,51(4):557-594.
[11]高海英.可证明安全的基于身份的认证密钥协商协议[J].计算机研究与发展,2012,49(8):1685-1689.
[12]陈明.标准模型下可托管的基于身份认证密钥协商[J].电子学报,2015,43 (10):1954-1962.
[13]Diffie W,Hellman M E.New directions in cryptography[J].IEEE Transactions on Information Theory,1976,22(6):644-654.
[14]Shamir A.Identity-based cryptosystems and signature schemes[C]//Proceedings of the C RYPTO'84,Lecture Notes in Computer Science 196.Berlin:Springer-Verlag,1984:47-53.
[15]Islam S H,Biswas G P.An improved pairing-free identitybased authenticated key agreement protocol based on ECC[J].Procedia Engineering,2012,30(4):499-507.
[16]Galindo D,Garcia F D.A Schnorr-Like Lightweight Identity-Based Signature Scheme[C]//Progress in CryptologyAFRICACRYPT 2009,Second International Conference on Cryptology in Africa,Gammarth,Tunisia,June 21-25,2009.Proceedings.2009:135-148.
[17]Ran C,Krawczyk H.Analysis of Key-Exchange Protocols and Their Use for Building Secure Channels[J].Lecture Notes in Computer Science,2001,2045:453-474.
[18]Ghoreishi S M,Abd Razak S,Isnin I F,et al.New secure identity-based and certificateless authenticated Key Agreement protocols without pairings[C]//Biometrics and Security Technologies(ISBAST),2014 International Symposium on.IEEE,2015:188-192.
[19]Ghoreishi S M,Isnin I F,Abd Razak S,et al.Secure and authenticated key agreement protocol with minimal complexity of operations in the context of identity-based cryptosystems[C]//International Conference on Computer,Communications,and Control Technology.IEEE,2015.
[20]Smart N P.Identity-based authenticated key agreement protocol based on Weil pairing[J].Electronics Letters,2002,38(13):630-632.
[21]Boneh D,Franklin M K.Identity-Based Encryption from the Weil Pairing[C]//International Cryptology Conference on Advances in Cryptology.Springer-Verlag,2001:213-229.
[22]Shim K.Efficient ID-based authenticated key agreement protocol based on Weil pairing[J].Electronics Letters,2003,39(8):653-654.
[23]Mccullagh N,Barreto P S L M.A new two-party identitybased authenticated key agreement[C]//International Conference on Topics in Cryptology.Springer-Verlag,2005:262-274.
[24]Gentry C.Practical identity-based encryption without random oracles[J].Lecture Notes in Computer Science,2006,4004:445-464.
[25]Liu Z H,Ma H.New two-party identity-based authenticated key agreement protocol without random oracles[C]//Proceedings of the 4th International Conference on Information Security and Cryptology.Beijing:Science Press,2009.78-91.
[26]Chen L,Cheng Z,Smart N P.Identity-based key agreement protocols from pairings[J].International Journal of Information Security,2003,20(4 ):219-233.
[27]李娜,董云卫,车天伟,等.可认证无证书密钥协商协议研究与改进[J].武汉大学学报(工学版),2017,50(1):146-149.
[28]Zhang F,Liu S,Kim K.ID-based one round authenticated tripartite key agreement protocol with pairings[DB].2002,oai:Cite Seer X.psu:10.1.1.79.2509.
[29]Shi Y,Chen G,Li J.ID-based one round authenticated group key agreement protocol with bilinear pairings[C]//International Conference on Information Technology:Coding and Computing.2005,1:757-761.
[30]He Y Z,Han Z.An Efficient authenticated group key agreement protocol[C]//Proc of the 41st Annual IEEE Int Carnahan Conf on Security Technology.Piscataway,NJ:IEEE,2007:250-254.
[31]Yao G,Wang H,Jiang Q.An authenticated 3-round identity-based group key agreement protocol[C]//International Conference on Availability.IEEE Computer Society,2008:538-543.
[32]Yuan W,Hu L,Li H,et al.Analysis of an Authenticated3 -Round Identity-Based Group Key Agreement Protocol[M]//Computer,Informatics,Cybernetics and Applications.Springer Netherlands,2012:889-896.
[33]Zhou L,Susilo W,Mu Y.Efficient ID-Based authenticated group key agreement from bilinear pairings[C]//Mobile Ad-hoc and Sensor Networks,Second International Conference,MSN 2006,Hong Kong,China,December 13-15,2006,Proceedings.2006:521-532.
[34]Teng J K,Wu C K,Tang C M,et al.A strongly secure identity-based authenticated group key exchange protocol[J].Science China Information Sciences,2015,58(9):1-12.
[35]Zhao J J,Gu D W,Gorantla M C.Stronger security model of group key agreement[C]//Proceedings of 6th ACM Symposium on Information,Computer and Communications Security,Hongkong,2011:435-440.
[36]陈勇,何明星,曾晟珂,等.两轮次的可否认的群密钥协商协议[J].密码学报,2016,3(2):137-146.
[37]Teng J K,Wu C K,Tang C M.An ID-based authenticated dynamic group key agreement with optimal round[J].Science China Information Sciences,2012,55(11):2542-2554.
[38]Wu T Y,Tsai T T,Tseng Y M.A provably secure revocable ID-based authenticated group key exchange protocol with identifying malicious participants[J].Informatica,2014,2014(3):29-42.
[39]Wu Q,Mu Y,Susilo W,et al.Asymmetric group key agreement[C]//Advances in Cryptology-EUROCRYPT2009,International Conference on the Theory and Applications of Cryptographic Techniques,Cologne,Germany,April26-30,2009.Proceedings.2009:153-170.
[40]Zhang L,Wu Q,Qin B,et al.Identity-Based authenticated asymmetric group key agreement protocol[J].Journal of Computer Research&Development,2014,6196(19):510-519.
[41]Zhang L,Wu Q,Qin B,et al.Asymmetric group key agreement protocol for open networks and its application to broadcast encryption[J].Computer Networks,2011,55(15):3246-3255.
[41]Wei G,Yang X,Shao J.Efficient certificateless authenticated asymmetric group key agreement protocol[J].Ksii Transactions on Internet&Information Systems,2012,6(12):3352-3365.
[43]张启坤,王锐芳,谭毓安.基于身份的可认证非对称群组密钥协商协议[J].计算机研究与发展,2014,51(8):1727-1738.
[44]陈若昕,陈杰,张跃宇,等.无证书非对称群密钥协商协议[J].密码学报,2016,3(4):382-398.