基于代理签名的移动通信网络匿名漫游认证协议

傅建庆; 陈健; 范容; 陈小平; 平玲娣

doi:10.3724/SP.J.1146.2009.01455

基于代理签名的移动通信网络匿名漫游认证协议

doi: 10.3724/SP.J.1146.2009.01455

傅建庆^{* 陈健范容陈小平平玲娣,},
陈健,
范容,
陈小平,
平玲娣

基金项目:

国家863计划项目(2008AA01A323)，国家支撑计划项目(2008BA21B03)和浙江省科技计划(2007C11088，2008C210077)资助课题

计量
- 文章访问数: 3745
- HTML全文浏览量: 118
- PDF下载量: 1431
- 被引次数: 0
出版历程
- 收稿日期: 2009-11-11
- 修回日期: 2010-10-15
- 刊出日期: 2011-01-19

A Delegation-based Protocol for Anonymous Roaming Authentication in Mobile Communication Network

Fu Jian-Qing^{* 陈健范容陈小平平玲娣
,},
Chen Jian,
Fan Rong,
Chen Xiao-Ping,
Ping Ling-Di

摘要

摘要: 随着无线移动终端的广泛应用，漫游认证、身份保密等问题显得日益突出。该文分析了现有的各种漫游认证协议在匿名性及安全性上存在的问题，指出现有协议都无法同时满足移动终端的完全匿名与访问网络对非法认证请求的过滤，进而针对性地提出了一种新的匿名认证协议。该协议基于椭圆曲线加密和代理签名机制，通过让部分移动终端随机共享代理签名密钥对的方式，实现了完全匿名和非法认证请求过滤。此外，协议运用反向密钥链实现了快速重认证。通过分析比较以及形式化验证工具AVISPA验证表明，新协议实现了完全匿名，对非法认证请求的过滤，双向认证和会话密钥的安全分发，提高了安全性，降低了计算负载，适用于能源受限的移动终端。
- 椭圆曲线加密 /
- 匿名 /
- 认证 /
- 代理签名
Abstract: With the widespread use of mobile devices, issues like roaming authentication and identification privacy become increasingly prominent. This paper analyses the shortcomings of existing protocols of roaming authentication in term of anonymity and security that these protocols can not guarantee at the same time anonymity of mobile terminals and the filtration of illegal request. Based on elliptic-curve cryptography and proxy signature, a new anonymous protocol that allows a pair of proxy signature keys to be shared among some mobile devices randomly is proposed. Through analysis and verification using AVISPA, it shows that the new protocol realizes anonymity, the filtration of illegal request, mutual authentication and secure distribution of session key. It not only improves the security, but also reduces the computational load, which makes it more suitable for mobile devices with limited power.
- Elliptic-curve cryptography /
- Anonymous /
- Authentication /
- Proxy signature

HTML全文

参考文献(1)

Kesdogan D and Palmer C. Technical challenges of network anonymity[J].Computer Communications.2006, 29(3):306-324[2][2] 3GPP TS 33.102 V8.1.0. Policy and charging control architecture[S]. Release 8, 2008-12.[3]Wu Chia-chun and Lee Wei-bin, et al.. A secure authentication scheme with anonymity for wireless communications[J].IEEE Communications Letters.2008, 12 (10):722-723[4]朱建明, 马建峰. 一种高效的具有用户匿名性的无线认证协议[J]. 通信学报, 2004, 25(6): 12-l8.[5]Zhu Jian-ming and Ma Jian-feng. An efficient authentication protocol with anonymity for wireless IP networks[J]. Journal of China Institute of Communication, 2004, 259(6): 12-18.[6]Zhu Jian-ming and Ma Jian-feng. A new authentication scheme with anonymity for wireless environment[J].IEEE Transactions on Consumer Electronic.2004, 50(1):231-235[7]Lee J S and Chang J H. Security flaw of authentication scheme with anonymity for wireless communications[J].IEEE Communications Letters.2009, 13(5):292-293[8]Wong D S. Security analysis of two anonymous authentication protocols for distributed wireless networks[C]. Third IEEE International Conference on Pervasive Computing and Communications Workshops. IEEE, Hawaii, USA, 2005: 284-288.[9]Zeng Peng and Cao Zhen-fu, et al.. On the anonymity of some authentication schemes for wireless communications[J].IEEE Communications Letters.2009, 13(3):170-171[10]Wei Yong-zhuang and Qiu Hong-bing, et al.. Security analysis of authentication scheme with anonymity for wireless environments [C]. International Conference on Communication Technology, Guilin, China, 2006: 1-4.[11]He Q, Wu D, and Khosla P. The Quest for personal control over mobile location privacy[J].IEEE Communications Magazine.2004, 42(5):130-136[12]Molva R, Samfat D, and Tsudik G. Authentication of mobile users[J]. IEEE Network, Special Issue on Mobile Communications, 1994, 8(2): 26-34.[13]Neuman B C and TSO T. Kerberos: an authentication service for computer networks[J].IEEE Communications Magazine.1994, 32(9):33-38[14]彭华熹, 冯登国. 匿名无线认证协议的匿名性缺陷和改进[J]. 通信学报, 2006, 27(9): 78-85.Peng Hua-xi and Feng Deng-guo. An efficient authentication protocol with anonymity for wireless IP networks [J]. Journal of China institute of Communication, 2006, 27(9): 78-85.[15]Lee Wei-bin and Chang-Kuo Y. A new delegation-based authentication protocol for use in portable communication systems[J].IEEE Transactions on Wireless Communications.2005, 4(1):57-64[16]Tang Cai-mu and Wu D O. An efficient mobile authentication scheme for wireless networks[J].IEEE Transactions on Wireless Communications.2008, 7(4):1408-1416[17]Tang Cai-mu and Wu D O. Mobile Privacy in Wireless Networks-Revisited[J].IEEE Transactions on Wireless Communications.2008, 7(3):1035-1042[18]Fu Jian-qing, Chen Jian, and Fan Rong, et al.. An efficient delegation-based anonymous authentication protocol[C]. Second International Workshop on Computer Science and Engineering, Qingdao, China, 2009, 1: 558-562.[19]Johnson D, Menezes A, and Vanstone S. The elliptic curve digital signature algorithm (ECDSA)[J]. International Journal of Information Security, 2001, 1(1): 36-63.[20]Ateniese G, Herzberg A, and Krawczyk H, et al.. Untraceable mobility or how to travel incognito[J].Computer Networks.1999, 31(8):785-899[21]Bozga L, Lakhnech Y, and Perin M. Hermes: An automatic tool for the verification of secrecy in security protocols[C]. 15th International Conference on Computer Aided Verification, Colorado, USA, 2003, 2725: 219-222.

施引文献

资源附件(0)

访问统计