一种面向廊桥AP的ECC身份认证方案
|
摘要
针对飞机通过廊桥接入点与航空公司进行飞机健康管理数据、电子飞行包等数据传输的无线网络无统一身份认证机制的问题,结合椭圆曲线密码体制与组合式伪随机数提出一种数字签名技术与身份认证方案,同时使用SVO逻辑对该方案进行形式化分析.结果表明,组合式伪随机数生成方案解决了身份认证中随机数的重复值问题,数字签名技术实现了基于身份的认证机制,身份认证方案实现了双向认证,椭圆曲线密码体制保证了密码强度.综合分析表明,该方案满足飞机与航空公司通过廊桥接入点进行数据传输的安全需求,能更好地应用于民航领域.
In viewof the problem that aircraft have no unified identity authentication mechanism for wireless networks transmitting aircraft health management data,electronic flight packets and other data through the access points of passenger boarding bridge,a digital signature technique and an identity authentication scheme are proposed based on elliptic curve cryptosystem and the combined pseudorandom number. Meanwhile,formal analysis is conducted on the scheme by using SVO logic. The results showthat the problem of duplicate values of random numbers in identity authentication is solved by the combined pseudorandom number generation scheme. The identity-based authentication mechanism is implemented by digital signature technology,and mutual authentication is achieved by identity authentication scheme accordingly. At last,the strength of cipher is guaranteed by the elliptic curve cryptosystem. Comprehensive analysis shows that the scheme satisfies the security requirements of the data transmission between aircraft and airlines through the bridge access point,which can be better applied in the field of civil aviation.
In viewof the problem that aircraft have no unified identity authentication mechanism for wireless networks transmitting aircraft health management data,electronic flight packets and other data through the access points of passenger boarding bridge,a digital signature technique and an identity authentication scheme are proposed based on elliptic curve cryptosystem and the combined pseudorandom number. Meanwhile,formal analysis is conducted on the scheme by using SVO logic. The results showthat the problem of duplicate values of random numbers in identity authentication is solved by the combined pseudorandom number generation scheme. The identity-based authentication mechanism is implemented by digital signature technology,and mutual authentication is achieved by identity authentication scheme accordingly. At last,the strength of cipher is guaranteed by the elliptic curve cryptosystem. Comprehensive analysis shows that the scheme satisfies the security requirements of the data transmission between aircraft and airlines through the bridge access point,which can be better applied in the field of civil aviation.
引文
[1] Miller V S. Use of elliptic curves in cryptography[J]. Lecture Notes in Computer Science,1985,218(1):417-426.
[2]Koblitz N. Elliptic curve cryptosystems[J]. Mathematics of Computation,1987,48(48):203-209.
[3]Yu Hui-fang,Yang Bo. Identity-based hybrid signcryption scheme using ECC[J]. Journal of Software,2015,26(12):3174-3182.
[4]Zhou Zhi-bin,Liu Qin,Wang Guo-jun,et al. Provable-secure offline RFID mutual authentication scheme in the intelligent healthcare environment[J]. Journal of Chinese Computer Systems,2017,38(12):2714-2718.
[5]Nam J,Kim M,Paik J,et al. A provably-secure ECC-based authentication scheme for wireless sensor networks[J]. Sensors,2014,14(11):21023-21044.
[6]Huang Hou-biao. Research on key agreement of airborne wireless mobile Ad Hoc network[D]. Zhengzhou:Information Engineering University,2013.
[7]Li Jian-hua. Network security protocol formal analysis and verification[M]. Beijing:Mechanical Industry Press,2010.
[8]Wang Kun,Zhou Qing-lei. RFID mutual authentication protocol of newinternet of things[J]. Journal of Chinese Computer Systems,2015,36(4):732-738.
[9]Guo Song-hui,Niu Xiao-peng,Wang Yu-long. Elliptic curve based light-weight authentication and key agreement scheme[J]. Computer Science,2015,42(1):137-141.
[10] Ma Chun-bo,Du Yi-cong,Zeng Kun. Challenge-response mutual authenticated protocol based on IBC[J]. Computer Engineering and Design,2017,38(2):345-349.
[11]Islam S H,Biswas G P. Design of improved password authentication and update scheme based on elliptic curve cryptography[J].Mathematical&Computer Modelling,2013,57(11-12):2703-2717.
[12]Stallings W. Network security essentials:applications and standards[M]. Beijing:Tsinghua University,2010.
[3]俞惠芳,杨波.使用ECC的身份混合签密方案[J].软件学报,2015,26(12):3174-3182.
[4]周志彬,刘琴,王国军,等.智能医疗环境下一种可证明安全的RFID离线互认证方案[J].小型微型计算机系统,2017,38(12):2714-2718.
[6]黄后彪.机载无线移动自组网密钥协商研究[D].郑州:解放军信息工程大学,2013.
[7]李建华.网络安全协议的形式化分析与验证[M].北京:机械工业出版社,2010.
[8]王坤,周清雷.新物联网下的RFID双向认证协议[J].小型微型计算机系统,2015,36(4):732-738.
[9]郭松辉,牛小鹏,王玉龙.一种基于椭圆曲线的轻量级身份认证及密钥协商方案[J].计算机科学,2015,42(1):137-141.
[10]马春波,杜以聪,曾坤.基于IBC体制的挑战/应答式双向身份认证协议[J].计算机工程与设计,2017,38(2):345-349.
[2]Koblitz N. Elliptic curve cryptosystems[J]. Mathematics of Computation,1987,48(48):203-209.
[3]Yu Hui-fang,Yang Bo. Identity-based hybrid signcryption scheme using ECC[J]. Journal of Software,2015,26(12):3174-3182.
[4]Zhou Zhi-bin,Liu Qin,Wang Guo-jun,et al. Provable-secure offline RFID mutual authentication scheme in the intelligent healthcare environment[J]. Journal of Chinese Computer Systems,2017,38(12):2714-2718.
[5]Nam J,Kim M,Paik J,et al. A provably-secure ECC-based authentication scheme for wireless sensor networks[J]. Sensors,2014,14(11):21023-21044.
[6]Huang Hou-biao. Research on key agreement of airborne wireless mobile Ad Hoc network[D]. Zhengzhou:Information Engineering University,2013.
[7]Li Jian-hua. Network security protocol formal analysis and verification[M]. Beijing:Mechanical Industry Press,2010.
[8]Wang Kun,Zhou Qing-lei. RFID mutual authentication protocol of newinternet of things[J]. Journal of Chinese Computer Systems,2015,36(4):732-738.
[9]Guo Song-hui,Niu Xiao-peng,Wang Yu-long. Elliptic curve based light-weight authentication and key agreement scheme[J]. Computer Science,2015,42(1):137-141.
[10] Ma Chun-bo,Du Yi-cong,Zeng Kun. Challenge-response mutual authenticated protocol based on IBC[J]. Computer Engineering and Design,2017,38(2):345-349.
[11]Islam S H,Biswas G P. Design of improved password authentication and update scheme based on elliptic curve cryptography[J].Mathematical&Computer Modelling,2013,57(11-12):2703-2717.
[12]Stallings W. Network security essentials:applications and standards[M]. Beijing:Tsinghua University,2010.
[3]俞惠芳,杨波.使用ECC的身份混合签密方案[J].软件学报,2015,26(12):3174-3182.
[4]周志彬,刘琴,王国军,等.智能医疗环境下一种可证明安全的RFID离线互认证方案[J].小型微型计算机系统,2017,38(12):2714-2718.
[6]黄后彪.机载无线移动自组网密钥协商研究[D].郑州:解放军信息工程大学,2013.
[7]李建华.网络安全协议的形式化分析与验证[M].北京:机械工业出版社,2010.
[8]王坤,周清雷.新物联网下的RFID双向认证协议[J].小型微型计算机系统,2015,36(4):732-738.
[9]郭松辉,牛小鹏,王玉龙.一种基于椭圆曲线的轻量级身份认证及密钥协商方案[J].计算机科学,2015,42(1):137-141.
[10]马春波,杜以聪,曾坤.基于IBC体制的挑战/应答式双向身份认证协议[J].计算机工程与设计,2017,38(2):345-349.