Abstract
To address the public key certificate management and key escrow problems of the Tri-element Peer Authentication (TePA) architecture, a parallel key isolation mechanism is introduced into the key management method of TePA, and a ternary parallel key isolation scheme based on a trusted security architecture is proposed. The mechanism strengthens identity authentication among wireless nodes in IoT (Internet of Things) systems. By combining the tri-element peer verification protocol of TePA with the parallel key isolation mechanism, it improves the security of the system keys and ensures that the identity information of devices in the system is not leaked. A concrete real-world model of the ternary parallel key isolation scheme is given, and experiments verify that the model effectively improves the security performance of the original system while keeping system overhead reasonable.
Authors
林凡
张振华
成杰
张广驰
崔苗
张秋镇
LIN Fan; ZHANG Zhen-hua; CHENG Jie; ZHANG Guang-chi; CUI Miao; ZHANG Qiu-zhen (Innovation and Entrepreneurship Center (Technology Center), GCI Science & Technology Co., Ltd., Guangzhou, Guangdong 510310, China; College of Information Engineering, Guangdong University of Technology, Guangzhou, Guangdong 510006, China)
Source
《通信技术》
2018, Issue 9, pp. 2182-2188 (7 pages in total)
Communications Technology
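Funding
National Natural Science Foundation of China (No. 61571138)
Natural Science Foundation of Guangdong Province (No. 2015A030313481)
Major Science and Technology Special Project of Guangdong Province (No. 2017B090909006)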
Keywords
PKIE (Parallel Key-Insulated public key Encryption)
TePA (Tri-element Peer Authentication)
mutual authentication
IoT (Internet of Things)