Security Analysis and Improvement of Two Key Agreement Protocols
  • English title: Security Analysis and Improvement of Two Key Agreement Protocols
  • Authors: 秦艳琳; 吴晓平
  • Authors (English): QIN Yan-lin; WU Xiao-ping; Department of Information Security, Naval University of Engineering
  • Keywords: certificateless public key cryptography; authenticated key agreement protocol; computational Diffie-Hellman problem; elliptic curve discrete logarithm problem
  • Keywords (English): certificateless cryptography; authenticated key agreement; computational Diffie-Hellman problem; elliptic curve discrete logarithm problem
  • Journal code: XXWX
  • Journal title (English): Journal of Chinese Computer Systems
  • Affiliation: Department of Information Security, Naval University of Engineering
  • Publication date: 2017-05-15
  • Publisher: 小型微型计算机系统 (Journal of Chinese Computer Systems)
  • Year: 2017
  • Volume: v.38
  • Issue: 05
  • Pages: 97-102
  • Page count: 6
  • Article ID: XXWX201705019
  • CN: 21-1106/TP
  • Funding: National Natural Science Foundation of China (61100042); Naval University of Engineering Natural Science Foundation (20150437)
  • Language: Chinese
Abstract (translated from the Chinese)
This paper analyses the security of an identity-based authenticated multiple key exchange protocol and a certificateless two-party authenticated key agreement protocol proposed by Chen. It shows that, besides the key escrow problem inherent in identity-based public key cryptosystems, the identity-based authenticated multiple key exchange protocol does not provide forward secrecy, and that the pairing-free certificateless two-party authenticated key agreement protocol cannot resist attacks by a Type A_II adversary in the security model of certificateless public key cryptography. Accordingly, new certificateless multiple and single authenticated key exchange protocols based on elliptic curve cryptography are proposed, and the new schemes are shown to satisfy known-key security, perfect forward secrecy, resistance to ephemeral key leakage, resistance to impersonation attacks and resistance to man-in-the-middle attacks. Efficiency analysis shows that the new schemes achieve high computational efficiency while guaranteeing security.
Abstract (English, as published)
Chen proposed an identity-based authenticated multiple key agreement protocol and a certificateless two-party authenticated key agreement protocol. Security analysis shows that the identity-based authenticated multiple key agreement protocol has the key escrow problem inherent in identity-based public key cryptography and cannot provide forward secrecy either, and that the certificateless two-party authenticated key agreement protocol without bilinear pairings cannot resist attacks from the Type A_II adversary in the security model of certificateless public key cryptography. To solve the security problems of Chen's protocols, we propose a certificateless two-party authenticated multiple key agreement protocol and a certificateless two-party authenticated single key agreement protocol based on ECC. We then prove that the new protocols satisfy known-key security, perfect forward secrecy, resistance to ephemeral key leakage, key-compromise impersonation resilience, resistance to man-in-the-middle attacks and the other security properties a two-party authenticated key agreement protocol should have. Meanwhile, the new schemes avoid bilinear pairing operations; efficiency analysis shows that they provide stronger security with lower computational overhead.