摘要
鉴于RSA密码体制具有结构的简洁性和安全性的可证明性,提出了一种基于RSA的入侵容忍密钥分发方案。该方案具有设计原理简单,可靠性强等特点。采用可验证秘密共享方法,既防止了各种主动和被动的假冒攻击,又起到了容忍入侵的作用。由于所使用证明方法的非交互性,该方案需要的计算、通信等开销都较少,效率较高。传统的集中式密钥分发中所存在的单一失效点问题,通过设计一个容侵的密钥分发服务器组来避免。分析表明,即使攻击者控制了一定数量的服务器后,系统仍可继续完成正常的密钥管理工作。
An intrusion-tolerant key distribution scheme based on simple structure and provable security of RSA. The scheme has the properties of simple structure and high credibility. As a result of the verifiable secret sharing method in the scheme is proposed, not only to prevent a variety of active and passive fake attacks, but also to play a role in the invasion of tolerance. Because the non-interactive knowledge proof method to be used, both operation and communication overheads are reduced, thus making the schemes very efficient. Tolerance the invasion of a key distribution server group is designed to aviod the traditional centralized key distribution of the existence of a single point of failure. Analysis shows that every honest user can get a common key after the running of the protocol, even if a minority of the servers malfunction or misbehave.
出处
《计算机工程与设计》
CSCD
北大核心
2009年第17期3965-3966,3982,共3页
Computer Engineering and Design
基金
贵州省科学技术基金项目(黔科合J字[2007]2204号)
关键词
入侵容忍
RSA
秘密共享
密钥生成
密钥分发
intrusion-tolerant
RSA
secret share
key generation
key distribution