Abstract
Considering the characteristics of a multi-level confidentiality environment, this paper proposes a mutual authentication and key negotiation protocol between removable storage devices and host terminals that works without an online authentication center and can identify the confidentiality level of the device. Based on the unforgeability of the digital signature issued by a TTP (trusted third party) and the difficulty of the discrete logarithm problem (DLP), the protocol achieves mutual authentication between the removable storage device and the host terminal by verifying the correctness of a ciphertext encrypted under the negotiated key. Both informal and formal analyses of the protocol are given. The results show that, compared with similar protocols, the protocol offers higher security, a smaller storage cost, fewer pre-shared authentication parameters and stronger practicability. The protocol effectively solves the problems of confidentiality-level identification and identity authentication for removable storage devices in multi-level environments, and is of great importance to the security management of removable storage devices.
Authors
Feng Li, Yu Bin, Gong Bi, Zhou Weiwei (Information Engineering University, Zhengzhou 450004, China; PLA 65012 Troops, Shenyang 110100, China)
Source
Application Research of Computers (《计算机应用研究》), indexed in CSCD and the Peking University Core Journals list, 2019, No. 4, pp. 1115-1119 (5 pages)
Funding
National Defense Key Laboratory Open Fund project (KJ-14-103)
Keywords
mutual authentication; removable storage device; multi-level; SVO logic