基于多维球面重构的航空自组网群组认证
|
摘要
针对航空自组网"一对一"认证存在效率低的问题,基于多维球面重构理论提出一种批量进行所有成员身份验证的群组认证方案.该方案以球心作为共享秘密,将球面上的点作为令牌分发给成员,战术组网时使用参与成员的令牌重构此球面,若重构成功,则证明参与成员身份合法;否则,证明参与者中间存在非法用户.安全分析表明本方案能够抵抗来自外部的重放攻击和内部的合谋攻击;对比分析表明本方案较其他同类方案具有部署灵活、信息率高和认证快速的优势.
Because of low-efficiency existing with the one-by-one authentication for aeronautical ad hoc networks,the group authentication scheme for batch verification of all participants was proposed based on multi-dimensional sphere reconstruction properties.Choosing a sphere in multi-dimensional space,the coordinate of the center of sphere was regarded as the shared secret,and the coordinate of the point in the sphere surface was distributed to the group member as the token.All the participants reconstructed the secret by their tokens during tactical networking.If the reconstruction is successful,all the participants are group members;otherwise,there is at least one non-member among the participants.Security analysis shows the scheme can resist the outsiders' replay and insiders' coalition attacks.Comparing with other group authentications schemes the scheme has the advantages of flexibility,high-information-rate and high efficiency etc.
Because of low-efficiency existing with the one-by-one authentication for aeronautical ad hoc networks,the group authentication scheme for batch verification of all participants was proposed based on multi-dimensional sphere reconstruction properties.Choosing a sphere in multi-dimensional space,the coordinate of the center of sphere was regarded as the shared secret,and the coordinate of the point in the sphere surface was distributed to the group member as the token.All the participants reconstructed the secret by their tokens during tactical networking.If the reconstruction is successful,all the participants are group members;otherwise,there is at least one non-member among the participants.Security analysis shows the scheme can resist the outsiders' replay and insiders' coalition attacks.Comparing with other group authentications schemes the scheme has the advantages of flexibility,high-information-rate and high efficiency etc.
引文
[1]梁一鑫,程光,郭晓军,等.机载网络体系结构及其协议栈研究进展[J].软件学报,2016,27(1):96-111.
[2]乔震,刘光杰,李季,等.移动自组织网络安全接入技术研究综述[J].计算机科学,2013,40(12):1-9.
[3]GENTRY C,RAMZAN Z.Identity-based aggregate signatures[C]//Proc of International Conference on Theory and Practice of Public-Key Cryptography.Berlin:Springer-Verlag,2006:257-273.
[4]SHEN L,MA J,LIU X,et al.A secure and efficient ID-based aggregate signature scheme for wireless sensor networks[J].IEEE Internet of Things Journal,2017,4(2):546-553.
[5]IWASAKI T,YANAI N,INAMURA M,et al.Tightly-secure identity-based structured aggregate signature scheme under the computational Diffie-Hellman assumption[C]//Proc of International Conference on Advanced Infor-mation Networking and Applications.New York:IEEE,2016:669-676.
[6]庞辽军.秘密共享技术及其应用研究[D].西安:西安电子科技大学通信工程学院,2006.
[7]HARN L.Group authentication[J].IEEE Transactions on Computers,2013,62(9):1893-1898.
[8]LI S,DOH I,CHAE K.A group authentication scheme based on Lagrange interpolation polynomial[C]//Proc of International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.New York:IEEE,2016:386-391.
[9]季洋洋,苗付友,蒋辉文.简单的异步(t,m,n)组认证方案[J].计算机工程与应用,2016,52(15):8-12.
[10]MIAO F,JIANG H,JI Y,et al.Asynchronous group authentication[J].Chinese Journal of Electronics,2017,26(4):820-826.
[11]何晓婷,苗付友,方亮.基于秘密共享的(t,m,n)-AS组认证方案[J].计算机工程,2017,43(3):1-6.
[12]BLAKLEY G R.Safeguarding cryptographic keys[C]//Proc of American Federation of Information Processing Societies.New York:IEEE Computer Society,1979:313-317.
[13]WU T,HE W.A geometric approach for sharing secrets[J].Computers and Security,1995,14(2):135-145.
[14]GE L,TANG S.Sharing multi-secret based on circle properties[C]//Proc of International Conference on Computational Intelligence and Security.New York:IEEEComputer Society,2008:340-344.
[15]柯召,孙琦.数论讲义[M].北京:高等教育出版社,2005.
[2]乔震,刘光杰,李季,等.移动自组织网络安全接入技术研究综述[J].计算机科学,2013,40(12):1-9.
[3]GENTRY C,RAMZAN Z.Identity-based aggregate signatures[C]//Proc of International Conference on Theory and Practice of Public-Key Cryptography.Berlin:Springer-Verlag,2006:257-273.
[4]SHEN L,MA J,LIU X,et al.A secure and efficient ID-based aggregate signature scheme for wireless sensor networks[J].IEEE Internet of Things Journal,2017,4(2):546-553.
[5]IWASAKI T,YANAI N,INAMURA M,et al.Tightly-secure identity-based structured aggregate signature scheme under the computational Diffie-Hellman assumption[C]//Proc of International Conference on Advanced Infor-mation Networking and Applications.New York:IEEE,2016:669-676.
[6]庞辽军.秘密共享技术及其应用研究[D].西安:西安电子科技大学通信工程学院,2006.
[7]HARN L.Group authentication[J].IEEE Transactions on Computers,2013,62(9):1893-1898.
[8]LI S,DOH I,CHAE K.A group authentication scheme based on Lagrange interpolation polynomial[C]//Proc of International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing.New York:IEEE,2016:386-391.
[9]季洋洋,苗付友,蒋辉文.简单的异步(t,m,n)组认证方案[J].计算机工程与应用,2016,52(15):8-12.
[10]MIAO F,JIANG H,JI Y,et al.Asynchronous group authentication[J].Chinese Journal of Electronics,2017,26(4):820-826.
[11]何晓婷,苗付友,方亮.基于秘密共享的(t,m,n)-AS组认证方案[J].计算机工程,2017,43(3):1-6.
[12]BLAKLEY G R.Safeguarding cryptographic keys[C]//Proc of American Federation of Information Processing Societies.New York:IEEE Computer Society,1979:313-317.
[13]WU T,HE W.A geometric approach for sharing secrets[J].Computers and Security,1995,14(2):135-145.
[14]GE L,TANG S.Sharing multi-secret based on circle properties[C]//Proc of International Conference on Computational Intelligence and Security.New York:IEEEComputer Society,2008:340-344.
[15]柯召,孙琦.数论讲义[M].北京:高等教育出版社,2005.