摘要
针对无线通信中用户进行身份认证与密钥协商存在的安全性与计算量之间的制约关系问题,提出一种基于椭圆曲线离散对数难题(Elliptic Curve Discrete Logarithm Problem,ECDLP)的用户快速认证密钥协商协议。该协议通过对用户注册与认证密钥协商阶段的安全性与计算量进行综合分析,基于ECDLP难题为用户在注册阶段分配唯一身份标识符,通过增加用户注册阶段服务器的计算量,有效降低认证密钥协商阶段的计算量,在保证通信机密性、认证性与完整性的条件下,提高用户进行认证密钥协商的效率。安全性分析与计算量对比的结果表明,与其他同类协议相比,本文所提出的协议能在满足安全需求的前提下,有效地降低认证密钥协商协议的总体计算量。
Aiming at the problem of security issues and computational cost in wireless communication while the authenticated key exchange is executing. A remote user fast authenticated key exchange protocol based on Elliptic Curve Discrete Logarithm Problem( ECDLP) is proposed. Upon the comprehensive analysis of security and computational cost between user registration and key exchange phase,the user's unique identifier was assigned based on ECDLP. The computational complexity of authenticated key exchange phase was reduced accordingly with the increasing of computation cost of server in the user registration phase. The computational efficiency of authenticated key exchange is improved under the situation of confidentiality,authentication and integrity is guaranteed. The security analysis and computation comparison with the others related protocols was implemented. The results suggest that the overall computational complexity of the proposed protocol can be effectively reduced under the premise of satisfying the security requirements.
引文
[1]Deebak B D,Muthaiah R,Thenmozhi K,et al.Analyzing the mutual authenticated session key in IP multimedia server-client systems for 4G networks[J].Turkish Journal of Electrical Engineering&Computer Sciences,2016,24(4):3158-3177.
[2]Yan Y,Qian Y,Sharif H,et al.A survey on cyber security for smart grid communications[J].IEEE Communications Surveys&Tutorials,2012,14(4):998-1010.
[3]Lai C,Li H,Li X,et al.A novel group access authentication and key agreement protocol for machine-type communication[J].Transactions on Emerging Telecommunications Technologies,2015,26(3):414-431.
[4]Zhou L,Hu R Q,Qian Y,et al.Energy-spectrum efficiency tradeoff for video streaming over mobile ad hoc networks[J].IEEE Journal on Selected Areas in Communications,2013,31(5):981-991.
[5]Yang J H,Chang C C.An ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem[J].Computers and Security,2009,28:138-143.
[6]Yoon E,Yoo K.Robust ID-based remote mutual authentication with key agreement protocol for mobile devices on ECC[C]∥Computational Science and Engineering(CSE),2009International Conference on.IEEE,2009:633-640.
[7]Islam S H,Biswas G P.A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem[J].Journal of System and Software,2011,84(11):1892-1898.
[8]Chou C H,Tsai K Y,Lu C F.Two ID-based authenticated schemes with key agreement for mobile environments[J].The Journal of Supercomputing,2013,66:973-988.
[9]马钧,冷华.配电自动化GPRS两方认证密钥协商协议[J].计算机工程,2013,39(11):143-146,157.Ma Jun,Leng Hua.Mutual Authenticated Key Agreement Protocol for GPRS in Distribution Automation[J].Computer Engineering,2013,39(11):143-146,157.(in Chinese)
[10]Zhou L.Mobile Device-to-Device Video Distribution:Theory and Application[J].ACM Transactions on Multimedia Computing,Communications,and Applications(TOMM),2016,12(3):38.
[11]Uhsadel L,Poschmann A,Paar C.An Efficient General Purpose Elliptic Curve Cryptography[C]∥in ENCRYPT Workshop,SPEED-Software Performance Enhancement for Encryption and Decryption,2007:95-104.
[12]Swanson C,David J.A study of two-party certificateless authenticated key-agreement protocols[C]∥Proceedings of INDOCRYPT 2009,LNCS 5922,Berlin:Springer Verlag,2009:57-71.
[13]Lippold G,Boyd C,Nieto J.Strongly secure certificateless key agreement[C]∥Proceeding of the Pairing,LNCS 5671,2009:206-230.
[14]He D,Chen Y,Chen J.An Id-based three-party authenticated key exchange protocol using elliptic curve cryptography for mobile commerce environments[J].Arabian Journal for Science and Engineering,2013,38:2055-2061.
[15]Diffie W,Hellman M.New directions in cryptography[J].IEEE Transactions on Information Theory,1976,22(6):644-654.
[16]Koblitz N.Elliptic curve cryptosystems[J].in Mathematics of Computation,1987:203-209.
[17]Miller V S.Use of Elliptic Curves in Cryptography[J].Lecture Notes in Computer Science,1985,218(1):417-426.
[18]Zhou L,Wu D,Zheng B,et al.Joint physicalapplication layer security for wireless multimedia delivery[J].IEEE Communications Magazine,2014,52(3):66-72.
[19]贾仁庆,吴晓富,朱卫平.i Jam密钥产生方案的双窃听者合作攻击[J].信号处理,2016,32(1):91-97.Jia Renqing,Wu Xiaofu,Zhu Weiping.Double-Eavesdroppers Cooperative Attack on i Jam[J].Journal of Signal Processing,2016,32(1):91-97.(in Chinese)
[20]Xiao L,Yan Q,Lou W,et al.Proximity-based security techniques for mobile users in wireless networks[J].IEEE Transactions on Information Forensics and Security,2013,8(12):2089-2100.