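Abstract
To address the high security requirements on satellite communication network nodes and the limited computing resources of satellites, a forward-secure, pairing-free authenticated key agreement protocol is proposed. By improving existing key agreement protocols that guarantee forward security only for the session initiator, the protocol ensures forward security for both communicating parties during a session. It replaces bilinear pairing operations with lightweight elliptic curve discrete logarithm (ECDL) operations, which saves protocol computation overhead. Following the idea of shifting computation overhead, it transfers the computation overhead of identity authentication to the aircraft side, which relatively reduces the computational burden on the satellite. Compared with existing authenticated key agreement protocols, the new protocol has lower computation overhead. Finally, a security proof of the new protocol is given under the ID-eCK model.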
To address problems such as limited satellite computing resources and high security requirements on network nodes, this paper proposes a pairing-free ID-based authenticated key agreement protocol for satellite networks with forward security. First, on receiving a key negotiation request message, the satellite generates a random number that is used to compute the session key, then sends this number to the aircraft in an incidental message. These steps ensure forward security for both the satellite and the aircraft. Second, the new algorithm uses lightweight elliptic curve discrete logarithm (ECDL) operations instead of bilinear pairing operations, which saves some of the protocol's computation overhead. Third, it transfers part of the computational overhead to the aircraft, which relieves the satellite of a heavy burden. Compared with some existing authentication key agreement protocols, the proposed protocol has a lower computational overhead. Finally, a security proof of the new protocol is given under the ID-eCK model.
Source
Application Research of Computers (《计算机应用研究》)
CSCD
Peking University Core Journals
2015, Issue 12, pp. 3714-3717 (4 pages)
Funding
Supported by the National "863" Program (2012AA012704)
Keywords
satellite communication network
forward security
authenticated key agreement protocol
elliptic curve discrete logarithm problem