摘要
对Chen所提的一种基于身份的多重认证密钥交换协议和一种无证书双方认证密钥协商协议进行了安全性分析,证明其提出的基于身份的多重认证密钥交换协议除了存在基于身份公钥密码体制固有的密钥托管问题之外,还不能满足前向安全性;不使用对的无证书双方认证密钥协商协议也无法抵抗无证书公钥密码体制安全模型中A_(II)类型敌手的攻击.由此,基于椭圆曲线密码体制分别提出新的无证书多重和单重认证密钥交换协议,证明新方案满足已知密钥安全、完美前向安全、抗临时密钥泄漏、抗假冒攻击及抗中间人攻击等安全特性.效率分析表明,新方案在确保安全性的同时具有较高的运算效率.
Chen proposed an identity-based authenticated multiple key agreement protocol and a certificateless two-party authenticated key agreement protocol, security analysis shows that the proposed identity-based authenticated multiple key agreement protocol has the key escrow problem existing in identity-based public key cryptography and can not supply forward secrecy either. The proposed certifi- cateless two-party authenticated key agreement protocol without bilinear pairings can not resist the attacks from Attacker AII existing in security model of certificateless public key cryptography. To solve the security problems of Chen's protocols, we proposed a certificate- less two-party authenticated multiple key agreement protocol and a certificateless two-party authenticated single key agreement protocol based on ECC. Then we prove that our new protocols satisfy the known-key security, perfect forward secrecy, against ephemeral key leakage, key-compromise resilience, against Man-in-the middle attack and other security properties a two-party authenticated key agree- ment protocol should have. Meanwhile, the novel schemes avoid bilinear paring operation, efficiency analysis show that they can supply stronger security with lower computational overhead.
出处
《小型微型计算机系统》
CSCD
北大核心
2017年第5期1007-1012,共6页
Journal of Chinese Computer Systems
基金
国家自然科学基金项目(61100042)资助
海军工程大学自然科学基金项目(20150437)资助
