移动漫游中强安全的两方匿名认证密钥协商方案

陈明

doi:10.3969/j.issn.0372-2112.2019.01.003

您当前的位置：

首页 >

文章列表页 >

移动漫游中强安全的两方匿名认证密钥协商方案

学术论文 | 更新时间：2025-07-16

- 移动漫游中强安全的两方匿名认证密钥协商方案
- Strongly Secure and Anonymous Two-Party Authenticated Key Agreement for Mobile Roaming Service
- 电子学报 2019年47卷第1期页码：16-24
- 作者机构：
  
  1. 宜春学院数学与计算机科学学院,江西,宜春,336000
  2. 宜春学院数学与计算机科学学院,江西,宜春,336000
- 作者简介：
- 基金信息：
  
  国家自然科学基金 (No.61662083）;江西省教育厅科学技术研究项目 (No.GJJ151040，No.GJJ151037，No.GJJ161042，No.GJJ161677）
- DOI：10.3969/j.issn.0372-2112.2019.01.003
  中图分类号： TP309
- 网络出版：2019-01-25，
  
  纸质出版：2019
- 稿件说明：
移动端阅览
陈明. 移动漫游中强安全的两方匿名认证密钥协商方案[J]. 电子学报, 2019,47(1):16-24.

CHEN Ming. Strongly Secure and Anonymous Two-Party Authenticated Key Agreement for Mobile Roaming Service[J]. Acta Electronica Sinica, 2019, 47(1): 16-24.
陈明. 移动漫游中强安全的两方匿名认证密钥协商方案[J]. 电子学报, 2019,47(1):16-24. DOI： 10.3969/j.issn.0372-2112.2019.01.003.

CHEN Ming. Strongly Secure and Anonymous Two-Party Authenticated Key Agreement for Mobile Roaming Service[J]. Acta Electronica Sinica, 2019, 47(1): 16-24. DOI： 10.3969/j.issn.0372-2112.2019.01.003.

摘要

由于低功耗的移动设备计算和存储能力较低，设计一种高效且强安全的两方匿名漫游认证与密钥协商方案是一项挑战性的工作.现有方案不仅计算开销较高，而且不能抵抗临时秘密泄露攻击.针对这两点不足，提出一种新的两方匿名漫游认证与密钥协商方案.在新方案中，基于Schnorr签名机制，设计了一种高效的基于身份签密算法，利用签密的特性实现实体的相互认证和不可追踪；利用认证双方的公私钥直接构造了一个计算Diffie-Hellman（Computational Diffie-Hellman，CDH）问题实例，能抵抗临时秘密泄露攻击.新方案实现了可证明安全，在eCK（extended Canetti-Krawczyk）模型基础上，探讨两方漫游认证密钥协商方案安全证明过程中可能出现的情形，进行归纳和拓展，并给出新方案的安全性证明，其安全性被规约为多项式时间敌手求解椭圆曲线上的CDH问题.对比分析表明：新方案安全性更强，需要实现的算法库更少，计算和通信开销较低.新方案可应用于移动通信网络、物联网或泛在网络，为资源约束型移动终端提供漫游接入服务.

Abstract

As mobile devices usually have limited computing and storage resources

it is difficult to develop an anonymous two-party authentication scheme possessing performance efficiency and strong security simultaneously.The existing two-party authenticated key agreement schemes for roaming service do not resist the attack of ephemeral secrets reveal

and have high computation costs.Therefore

a new anonymous two-party authenticated key agreement scheme for roaming service was proposed in this paper

in which an efficiency identity-based signcryption scheme was adopted to achieve mutual authentication and unlinkability.The identity-based signcryption scheme is based on the Schnorr signature scheme

a very efficient elliptic curve digital signature algorithm

which greatly reduce the total computation cost during one authentication session in comparison with existing authentication schemes.Furthermore

to achieve the security of the ephemeral secrets reveal resistance in the new authentication scheme

we constructed a computational Diffie-Hellman problem instance that required two participants to compute a value by combining its own private key with its peer's public key

respectively.We extended the eCK model to model the two-party authenticated key agreement schemes for roaming service

discussed the distinction between the security game of authenticated key agreement schemes for mobile roaming service and the general one

and demonstrated that the new scheme was provably secure in the extended eCK model.The conclusion indicates that the security of the new scheme can be reduced to solve the computational Diffie-Hellman problem on an elliptic curve over finite field by a polynomial-time adversary.Comparative analysis shows that our scheme has stronger security

needs less cryptography library

and has lower computing and communication overheads.The new scheme can be used to provide secure roaming authentication for resource constrained mobile terminals in global mobility networks

Internet of things or ubiquitous networks.

关键词

Keywords

references

浏览量

283

下载量

CSCD

文章被引用时，请邮件提醒。

提交

工具集

关联资源

标准模型下可托管的基于身份认证密钥协商