计算机工程

• 安全技术 • 上一篇    下一篇

一种认证群密钥传输协议的安全分析与改进

李吉亮,李顺东,陈振华   

  1. (陕西师范大学计算机科学学院,西安 710062)
  • 收稿日期:2013-07-12 出版日期:2014-07-15 发布日期:2014-07-14
  • 作者简介:李吉亮(1989-),男,硕士研究生,主研方向:密码学,信息安全;李顺东,教授、博士、博士生导师;陈振华,副教授、博士研究生。
  • 基金项目:
    国家自然科学基金资助项目(61070189, 61272435);中央高校基本科研业务费专项基金资助项目(GK201304008)。

Safety Analysis and Improvement of an Authenticated Group Key Transport Protocol

LI Ji-liang, LI Shun-dong, CHEN Zhen-hua   

  1. (School of Computer Science, Shaanxi Normal University, Xi’an 710062, China)
  • Received:2013-07-12 Online:2014-07-15 Published:2014-07-14

摘要: Yuan等人提出的基于秘密共享的认证群密钥传输协议(Applied Mathematics & Information Sciences, 2013, No.5)存在用户信息易被反复利用、随机序列易被篡改等问题,通过拦截、修改用户与密钥生成中心(KGC)之间的传输数据,可成功进行中间人攻击。为此,利用RSA算法、Shamir(t,n)秘密共享和对称加密思想提出一个改进协议,对用户选取的随机数进行加密,并增加KGC对随机数的验证步骤,同时将对称加密引入到会话密钥认证过程中,实现保密传输与认证。安全性分析结果表明,改进协议能够增强群密钥的机密性和认证性,有效抵抗中间人攻击,同时保证了所有群成员共享密钥对的安全。

关键词: 群密钥传输, 认证, 秘密共享, 密码分析, 中间人攻击, 机密性

Abstract: An authenticated group key transfer protocol based on secret sharing proposed by Yuan, et al(Applied Mathematics & Information Sciences, 2013, No.5) suffers from the defect in user authentication and random sequence. This paper makes a man in the middle attack successful on the protocol by intercepting and modifying the transmitted data between the user and Key Generation Center(KGC), and then designs an improved protocol using the fundamental of RSA algorithm, Shamir(t,n) secret sharing and symmetric encryption thought. The random number is encrypted chosen by the user and an authentication process executed by KGC for random number is added in the proposed protocol, and also add the symmetric encryption into the process of session key authentication to realize the secret transmission and certification. Safety analysis shows that the new protocol not only can ensure the key freshness, confidentiality and authentication, but also can resist the man in the middle attack effectively and ensure the security of all group members’ shared secret.

Key words: group key transport, authentication, secret sharing, cryptanalysis, man in the middle attack, confidentiality

中图分类号: