摘要
一轮Diffie-Hellman密钥交换(One-Round Diff ie-Hellman key exchange,OR-DHKE)协议被认为无法实现完美的前向安全性(Perfect Forward Secrecy,PFS)。基于身份的OR-DHKE协议也是如此,现有研究仅实现了弱的完美前向安全性(wPFS)。基于Cremers等人对密钥交换协议完美前向安全性的研究,文章提出一种新的具有完美前向安全的基于身份认证密钥交换方案。文章首先提出一种较弱安全性的基于身份OR-DHKE协议π0,然后采用Cremers等人提出的SIG变换方法,将π0转化为具有完美前向安全的基于身份认证密钥交换方案π1。文章简要分析了CK、CK^+、eCK和eCK-PFS安全模型的异同,在此基础上定义了基于身份认证密钥交换协议分析的强安全模型ID-eCK-PFS。在ID-eCK-PFS模型下,协议π0和π1的安全性被规约为求解判定性BDH(Decisional Bilinear Diffie-Hellman,DBDH)问题,规约过程未使用随机预言机,实现了在标准模型下的完美前向安全性和可证明安全性。
One-round Diffie-Hellman key exchang e(OR-DHKE)protocols are considered to be unable to achieve perfect forward secrecy(PFS),so is identity-based OR-DHKE.Existing protocols in identity-based set provide only weak perfect forward secrecy(wPFS)at best.Based on the research on the PFS of Diffie-Hellman key exchange by Cremers et al.,this paper proposed a new identity-based authenticated key exch ange scheme with perfect forward secrecy.The article proposed firstly an identity-based OR-DHKE protocol with wPFS,namedπ0,and then employed the SIG transformation proposed by Cremers et al.to transformπ0into an iden tity-based authenticated key exchange with PFS,namedπ1.Meanwhile,the article compared several main security models,including CK,CK^+,eCK and eCK-PFS,and defined a strong security model,ID-eCK-PFS,for identity-based au thenticated key exchange protocol.Under the ID-eCK-PFS model,the security of the protocolsπ0andπ1were respectively deduced to solve the Decisional Bilinear Diffie-Hellman(DBDH)problem,and it didn′t use random or acle in the security games.Accordingly,the proposed protocol achieves perfect forward secrecy,and is provab le security in standard model.
作者
龙桂铃
陈明
LONG Gui-ling;CHEN Ming(Center of Network and Education Technology,Yichun University,Yichun,Jiangxi 336000,China;School of Mathematics and Computer Science,Yichun University,Yichun,Jiangxi 336000,China)
出处
《光电子.激光》
EI
CAS
CSCD
北大核心
2020年第8期878-890,共13页
Journal of Optoelectronics·Laser
基金
国家自然科学基金项目(61662083)
江西省教育厅科学技术研究项目(GJJ181553)资助项目。
关键词
认证密钥交换
基于身份密码
标准模型
完美前向安全
判定性BDH假设
authenticated key exchange
identity-based cryptography
standard model
perfect forward secrecy
decisional bilinear Diffie-Hellman assumption