摘要： 当服务使用者与提供者位于不同注册域时需要跨域认证，认证成功的实体需要建立一个会话密钥保证后续通信安全。针对该问题，提出一种跨域认证与密钥建立协议，借助各实体的注册服务器完成双向认证，结合签密法建立新的会话密钥。经典SVO逻辑证明，该协议能保证密钥的公平性和隐密性，且能抵抗各种安全攻击。

关键词: 跨域认证, 密钥建立, 普适计算, 签密法

Abstract: When the service user and provider belong to different domains, it needs cross-domain authentication, after successful authentication, it should establish a new session key to secure the subsequent communication. Aiming at this problem, this paper presents an cross-domain authentication and key establishment protocol. Mutual authentication is achieved with the help of the register servers, and new session key is established using the signcryption. Classic SVO logic proves that this protocol can ensure the fairness and tacitness for key, and it can prevent all kinds of safety attack.

Key words: cross-domain authentication, key establishment, pervasive computing, signcryption

中图分类号: 

• TP309