Acta Electronica Sinica, 2015, Vol. 43, Issue (10): 1954-1962. DOI: 10.3969/j.issn.0372-2112.2015.10.012


Escrowable Identity-Based Authenticated Key Agreement in the Standard Model

CHEN Ming

  1. School of Mathematics and Computer Science, Yichun University, Yichun, Jiangxi 336000, China
  • Received: 2014-11-15 Revised: 2015-06-15 Online: 2015-10-25 Published: 2015-10-25
    • About the author:
    • CHEN Ming, male, born in May 1978 in Beibei, Chongqing. He received his bachelor's, master's and doctoral degrees in engineering from Chongqing University in 2003, 2007 and 2011, respectively. He is currently a faculty member at the School of Mathematics and Computer Science, Yichun University, working on information security and the analysis and design of security protocols. E-mail: chenming9824@aliyun.com
    • Supported by:
    • Natural Science Foundation of Jiangxi Province, China (No.2014ZBAB207022)

Abstract (Chinese version):

Existing ID-AKA (IDentity-based Authenticated Key Agreement) protocols with escrowable session keys either have known security flaws or are provably secure only in the random oracle model. Based on the secure trapdoor function defined by Boneh et al., this paper proposes an ID-AKA protocol with escrowable session keys. Building on the ID-BJM model, it defines an extended standard security model for the analysis of ID-AKA protocols. The extended model divides the security game into two phases, removes the random oracles, and can fully simulate the behavior of different types of adversaries. In the extended model, the security of the new protocol is reduced to a polynomial-time adversary solving the decisional BDH (Bilinear Diffie-Hellman) problem and the decisional BDHI (Bilinear Diffie-Hellman Inversion) problem, so the protocol is provably secure.

Abstract (English version):

In recent years, a few escrowable ID-AKA protocols have been proposed, but none of them are provably secure in the standard model while simultaneously having strong security. The main issue is how a simulator is able to deal with reveal-queries without the help of random oracles. In this paper, we presented a method incorporating a built-in security trapdoor function in an escrowable ID-AKA protocol. The security of our protocol relied on the hardness of the decisional Bilinear Diffie-Hellman Inversion problem. Meanwhile, we extended the security game of ID-AKA protocols to resist stronger adversarial powers, which allowed our security game to capture additional security properties such as perfect forward secrecy, ephemeral secrets reveal resistance and so on. Assuming that no adversary can obtain the master secret key and each party in the protocol has at least one uncompromised secret, our scheme is secure.

Key words: authenticated key agreement, identity-based cryptography, bilinear pairing, standard model, key escrow
