摘要
近年来,基于群组信息共享的工业物联网技术因具有实时、安全和信息互通等特性,被广泛应用于工业制造和金融贸易等领域。但是,该技术大多基于群组密钥协商协议,存在开销大、安全性弱、可拓展性低等缺陷。因此,如何设计安全高效的群组密钥协商协议成为当前亟需解决的科学难题,为此文中利用平衡不完全区组设计的数学结构和椭圆曲线Qu Vanstone认证协议,提出了一种全新的基于结构化的群组密钥协商协议。首先,为了降低协议的计算开销,使用ECQV认证协议,避免执行配对运算。然后,为了证明协议的安全性,借助ECDDH假设,对所提协议进行了安全性证明。最后,为了降低协议的通信开销,提高协议的可拓展性,利用非对称平衡不完全区组设计,对现有的群组密钥协商协议进行了拓展,将所支持的成员数从p 2拓展为p 2和p 2+p+1。实验结果表明,所提协议能够将计算开销降低至O(n n m),将通信开销降低至O(n n)。该协议在保证抵抗选择明文攻击时安全性的同时,还能使参与群组密钥协商的人数灵活地自适应扩展,进一步提升了群组密钥协商协议的安全性和执行效率。
In recent years,the industrial Internet of Things based on group information sharing has been widely used in industrial manufacturing,financial trade and other fields due to its real-time,security and information exchange characteristics.However,this technology is based on the group key agreement protocol,which has defects such as high overhead,weak security,and low scalability.Therefore,how to design a safe and efficient group key agreement protocol has become a scientific problem that needs to be solved urgently.In this paper,using the mathematical structure of balanced incomplete block design and the elliptic curve Qu Vanstone authentication protocol,a new method based on structured group key agreement protocol is proposed.First,in order to reduce the computational overhead of the protocol,the ECQV authentication protocol is used to avoid performing pairing operations.Then,the security of the proposed protocol is proved with the help of ECDDH assumption.Finally,in order to reduce the communication overhead of the protocol and improve the scalability of the protocol,the existing group key agreement protocol is extended by using the asymmetric balanced incomplete block design.And the number of supported members is changed from p 2 to p 2 and p 2+p+1.Experimental results show that the proposed protocol can reduce the computational overhead to O(n n m),and the communication overhead to O(n n).While ensuring security against chosen plaintext attacks,the protocol can flexibly and adaptively expand the number of participants in group key agreement,which further improves the security and efficiency of the group key agreement protocol.
作者
王子宸
袁程胜
王一力
郭萍
付章杰
WANG Zichen;YUAN Chengsheng;WANG Yili;GUO Ping;FU Zhangjie(School of Computer Science,Nanjing University of Information Science and Technology,Engineering Research Center of Digital Forensics Ministry of Education,Nanjing 210044,China;State Key Laboratory of Integrated Services Networks,Xidian University,Xi’an 710071,China)
出处
《计算机科学》
CSCD
北大核心
2023年第S02期876-885,共10页
Computer Science
基金
国家自然科学基金(62102189)
国家社会科学基金(2022GKJJGCG082)
江苏省大学生创新创业训练计划支持项目(202210300107Y)
南京信息工程大学大学生创新创业训练计划项目(XJDC202210300191)。
