摘要: 为解决点对点会话初始协议(P2PSIP)的安全性问题,根据其分布式特点,结合身份公钥密码,提出一种可认证密钥协商方案。分析其安全性、运算效率和密钥托管等问题。该方案可以实现P2PSIP呼叫过程的双向身份认证和密钥协商,抵抗中间人攻击、重放攻击和离线密码攻击,防止消息体篡改、会话劫持和身份欺骗。
关键词:
点对点会话初始协议,
身份,
认证,
密钥协商,
双线性,
密钥托管
Abstract: In order to fit with the Peer to Peer Session Initiation Protocol(P2PSIP) security issues and its distributed characteristics, this paper proposes an authenticable key agreement scheme for P2PSIP by using identity-based cryptography, and analyzes its security, efficiency and key escrow problem. This scheme provides mutual-authentication and key agreement in the process of P2PSIP call, ensuring the security of P2PSIP communication, and avoiding the disadvantage of Public Key Infrastructure(PKI).
Key words:
Peer to Peer Session Initiation Protocol(P2PSIP),
identity,
authentication,
key agreement,
bilinear,
key escrow
中图分类号:
蒋华, 贾永兴, 汪良辰, 杨庆锐. 基于身份的P2PSIP可认证密钥协商方案[J]. 计算机工程, 2012, 38(3): 134-136.
JIANG Hua, GU Yong-Xin, HONG Liang-Chen, YANG Qiang-Dui. Authenticable Key Agreement Scheme for P2PSIP Based on Identity[J]. Computer Engineering, 2012, 38(3): 134-136.