计算机工程 ›› 2019, Vol. 45 ›› Issue (9): 153-160,182.doi: 10.19678/j.issn.1000-3428.0053945

• 安全技术 • 上一篇    下一篇

一种增强的移动互联网身份基认证密钥协商协议

孙海燕, 李玲玲, 张玲, 张建伟, 黄万伟   

  1. 郑州轻工业大学 软件学院, 郑州 450002
  • 收稿日期:2019-02-19 修回日期:2019-04-12 出版日期:2019-09-15 发布日期:2019-09-03
  • 作者简介:孙海燕(1983-),女,讲师、博士,主研方向为密码协议;李玲玲,硕士研究生;张玲、张建伟、黄万伟,博士。
  • 基金项目:
    国家自然科学基金(61502436,61672471);河南省科技攻关项目(172102210060);郑州轻工业大学博士基金(2014BSJJ081)。

An Enhanced Identity-based Authentication Key Agreement Protocol for Mobile Internet

SUN Haiyan, LI Lingling, ZHANG Ling, ZHANG Jianwei, HUANG Wanwei   

  1. Software Engineering College, Zhengzhou University of Light Industry, Zhengzhou 450002, China
  • Received:2019-02-19 Revised:2019-04-12 Online:2019-09-15 Published:2019-09-03

摘要: 针对双线性对运算耗时较多和PKI证书管理负担重的问题,王真等人提出基于身份的移动互联网高效认证密钥协商协议(通信学报,2017年第8期),但该协议不能抵抗临时私钥泄露攻击,不具备eCK安全性。为此,提出一种不使用双线性对运算的身份基认证密钥协商协议,并在GDH假设和随机预言机模型下,证明其具备eCK安全性。分析结果表明,该协议密钥协商阶段仅需4个椭圆曲线点乘运算,与CKD-10、XW-12、WML-17等协议相比效率较高,单轮通信次数和计算代价较少,适用于移动互联网环境。

关键词: 双线性对, 攻击, eCK模型, 基于身份的密码学, 认证密钥协商

Abstract: To address the problems of time-consuming bilinear pairings and the heavy burden of PKI certificate management,WANG Z,et al.proposed an identity-based efficient Authentication Key Agreement(AKA) protocol for mobile Internet(Journal of Communications,2017,No.8),but this protocol cannot resist the attack of temporary private key leakage and does not have eCK security.For this reason,an identity-based authentication AKA protocol without bilinear pairings operation is proposed,whose eCK security is proved under the GDH assumption and random oracle model.Analysis results show that this protocol only needs four elliptic curve point multiplication in the key agreement stage,which is more efficient than CKD-10,XW-12,WML-17 and other protocols.Meanwhile,its single round communication times and computational cost are less,which is suitable for mobile Internet environment.

Key words: bilinear pairings, attack, eCK model, identity-based cryptography, Authentication Key Agreement(AKA)

中图分类号: