基于层级化身份的可证明安全的认证密钥协商协议
doi: 10.3724/SP.J.1146.2014.00684
Provably Secure Authenticated Key Agreement Protocol Based on Hierarchical Identity
-
摘要: 目前基于身份的认证密钥协商协议均以单个私钥生成器(PKG)为可信第三方,但这种系统结构难以满足身份分层注册与认证需求。该文以基于层级化身份的加密(HIBE)系统为基础重构了私钥的组成元素,并利用椭圆曲线乘法循环群上的双线性映射提出一个基于层级化身份的认证密钥协商协议,为隶属于不同层级的云实体提供了安全的会话密钥协商机制。基于CDH(Computational Diffie-Hellman)与GDH(Gap Diffie-Hellman)假设,该文证明了新协议在eCK模型下具有已知密钥安全性、前向安全性和PKG前向安全性,并且能够抵抗基于密钥泄露的伪装攻击。
-
关键词:
- 云计算 /
- 认证密钥协商协议 /
- 基于身份的密码体制 /
- 基于层级化身份的加密 /
- eCK模型
Abstract: At present most Identity-based authenticated key agreement protocols are built on the security infrastructure in which a single Private Key Generator (PKG) is contained as the only trusted third party of the whole system, however such kind of infrastructure can not satisfy the requirements of hierarchical identity register and authentication. On the basis of Hierarchical Identity Based Encryption (HIBE) system, this paper reconstructs the private key and proposes a new hierarchical identity based authenticated key agreement protocol using the bilinear map in multiplicative cyclic group and it provides secure session key exchange mechanism for cloud entities on different hierarchical levels. Based on the Computational Diffie-Hellman (CDH) and Gap Diffie-Hellman (GDH) assumptions, this paper proves that the new protocol not only achieves known-key security, forward secrecy and PKG forward secrecy, but also resists key-compromise impersonation attacks in the eCK model. -
计量
- 文章访问数: 1795
- HTML全文浏览量: 127
- PDF下载量: 723
- 被引次数: 0
下载:
