摘要
针对终端接入移动网络缺乏可信性验证问题,提出一种移动网络可信匿名认证协议,移动终端在接入网络时进行身份验证和平台完整性认证。在可信网络连接架构下,给出了可信漫游认证和可信切换认证的具体步骤,在认证时利用移动终端中预存的假名和对应公私钥对实现了用户匿名隐私的保护。安全性分析表明,协议满足双向认证、强用户匿名性、不可追踪性和有条件隐私保护。协议中首次漫游认证需要2轮交互,切换认证需1轮即可完成,消息交换轮数和终端计算代价优于同类可信认证协议。
The lackness of trusted verification of mobile terminal may affect the security of mobile network. A trusted anonymous authentication protocol for mobile networks was proposed, in which both user identity and platform integrity were authenticated when the mobile terminal accesses the networks. On the basis of trusted network connection architecture, the concrete steps of trusted roaming authentication and trusted handover authentication were described in detail. The authentication used pseudonyms and the corresponding public/private keys to achieve the protection of the user anonymous privacy. The security analysis indicates that the proposed protocol meets mutual authentication, strong user anonymity, untraceability and conditional privacy preservation; moreover, the implementation of the first roaming authentication requires two rounds of communications while the handover authentication protocol just needs one round. The analytic comparisons show that the proposed protocol is efficient in terminal computation and turns of message exchange.
出处
《计算机应用》
CSCD
北大核心
2016年第8期2231-2235,共5页
journal of Computer Applications
基金
国家自然科学基金资助项目(61402530)
武警工程大学基础研究基金资助项目(WJY201520)~~
关键词
可信计算
可信网络连接
移动网络
漫游认证
可信认证
trusted computing
trusted network connection
mobile network
roaming authentication
trusted authentication
