摘要
在使用密钥管理中心(KDC)进行广播通讯密钥分配的网络安全协议中,保证KDC的安全并提供高效率的密钥服务是一个非常重要的课题。区别于目前的域分割和服务器备份方案,使用双变量多项式作为门限构造函数,在多个分布式KDC服务器上分发不同的伪随机数产生函数,需要特定数目的授权服务器联合才能计算出最终的对称密钥,保证少于一定数目的KDC服务器被攻击后不能对系统产生威胁,从而保证了分布式KDC的安全性,并且能够避免广播通讯密钥分配过程中的效率瓶颈和单点失败。
Key Distributed Center (KDC) is an important component for generating symmetric key in multicast communication without using public key cryptography. It is important to keep KDC security and provide efficient symmetric key service. Different from the current partition to domain or replication solution, the proposed scheme uses bivariate polynomials to construct threshold distributed pseudo-random function, distribute the bivariate polynomials across the KDC servers, only the united authorized set of servers can compute the pseudo random for key. It ensure certain number of unauthorized server will not threaten the security of the whole network after being attacked. Therefore, enhance the security of distributed KDC servers was enhanced, and bottlenecks or single points of failure can be prevented.
出处
《计算机应用》
CSCD
北大核心
2007年第5期1038-1040,1053,共4页
journal of Computer Applications
基金
国家973规划资助项目(G1999035802)
国家863计划资助项目(2001AA141120)
关键词
入侵容忍
密钥管理中心
伪随机数产生函数
对称密钥
intrusion tolerant
Key Distributed Center (KDC)
pseudo random function
symmetric key
