摘要
用电信息采集系统信息量巨大、覆盖面广,而传统的认证密钥协商协议计算量开销大、通信交互次数多,无法满足其高实时、低成本的现实需求。为了实现电力数据的安全高效传输,文中基于证书认证及新旧参数保护密钥动态协商机制,提出了一种轻量级认证密钥协商协议,结合BAN逻辑形式化分析和非形式化分析方法对协议进行分析,证明协议在达到一级信仰和二级信仰的同时具有双向实体认证、完美的向前保密性等安全属性。该协议能够抵抗多种攻击,在保证安全的情况下实时高效地完成身份认证及密钥协商,适用于用电信息采集系统对密钥应用的需求。
In view of the inability of the traditional authenticated protocol with key agreement to meet its high real-time and low- cost practical demand because of large numbers of computations and communication interactions required by the wide coverage and enormous information of the power utilization information collecting system, a lightweight authenticated protocol with key agreement based on digital certificate and dynamic consultative mechanism of old and new parameter protection keys is presented for safe and efficient transmission of electric power data. By combining the BAN logic formalized analysis and the non formalized analysis, it is proved that the protocol has reached level- I belief and level- Ⅱ belief, and can realize a two-way entity authentication and perfect forward secrecy simultaneously. Also, it is capable of effectively defending various attacks and completing the real-time authentication and key agreement, meeting the demand of the power utilization information collecting system on the key application.
出处
《电力系统自动化》
EI
CSCD
北大核心
2013年第12期81-86,共6页
Automation of Electric Power Systems
基金
国家重点基础研究发展计划(973计划)资助项目(2012CB724400)~~
关键词
用电信息采集
数字证书
身份认证
密钥协商
BAN逻辑
形式化分析
power utilization information collecting
digital certificate
identity authentication
key agreement
BAN logic
formalization analysis
