强安全的匿名隐式漫游认证与密钥协商方案

Strongly Secure Anonymous Implicit Authentication and Key Agreement for Roaming Service

现有两方漫游认证与密钥协商方案没有考虑抵抗临时秘密泄露的安全性,仅在CK模型下可证明安全.基于椭圆曲线密码体制和基于身份密码系统,采用Schnorr签名算法设计了类似HMQV方案的"挑战-应答"签名,进而构造了一种基于隐式认证技术的、具有强安全性和匿名性的两方漫游认证密钥协商方案.随后,扩展了ID-BJM模型,使之能模拟两方漫游认证与密钥协商方案.在扩展的安全模型下,新方案的安全性被规约为多项式时间敌手求解椭圆曲线上的计算Diffie-Hellman问题,实现了eCK安全.对比分析表明:新方案具有更强的安全性,能抵抗临时秘密泄露攻击,需要实现的密码算法更少,计算、通信和存储开销都相对较低.新方案可应用于移动通信网络、物联网或泛在网络中,为资源约束型移动终端提供安全的漫游接入服务.

The existing two party authentication and key agreement protocols for roaming service are provably secure in the CK model,and do not resist the attack of ephemeral secrets reveal.Based on elliptic curve cryptography and identity based cryptosystem,we propose an anonymous two party authentication and key agreement scheme for roaming service.The new scheme,based on the Schnorr signature,achieves mutual implicit authentication by a well designed“challenge response”signature which is similar to the one in the HMQV protocol.We extend the ID BJM model,a widely used security model for analyzing identity based authenticated key agreement protocols,to simulate two party authentication and key agreement schemes for roaming service.Furthermore,we demonstrate that the new scheme is eCK secure under the extended ID BJM model,and that the security of the new scheme can be reduced to solve(by a polynomial time adversary)computational Diffie Hellman problems on an elliptic curve over finite fields.Comparative analysis shows that the new scheme has stronger security,achieves resistant to ephemeral secrets reveal,needs fewer cryptography libraries,and has lower computing,communication and storage overheads.The new scheme can be used to provide secure roaming authentication for resource constrained mobile terminals in global mobility networks,Internet of things or ubiquitous networks.