
Research on One-Way Two-Party Authenticated Key Agreement Protocols in CL-PKC Systems

Published: 2018-05-07 06:11

  Topics: certificateless public key cryptography + authenticated key agreement; Source: Xidian University, 2015 master's thesis


[Abstract]: With the rapid development of information technology, information security has become an important issue. Protecting information transmitted over public channels from attack relies on cryptography, the core technology of information security. Before transmitted information can be encrypted with a cryptographic algorithm, the legitimate communicating users must first share a session key. Authenticated key agreement is one of the main means and techniques for sharing session keys, and its core is the design of authenticated key agreement protocols. Such protocols are generally designed on top of public key cryptosystems. Compared with authenticated key agreement protocols based on PKI (Public Key Infrastructure) and ID-PKC (Identity-based Public Key Cryptography), protocols based on CL-PKC (Certificateless Public Key Cryptography) have clear advantages. Two-party authenticated key agreement protocols are a major branch of authenticated key agreement protocols, and one-way two-party authenticated key agreement protocols are one way of realizing them. In a one-way two-party authenticated key agreement protocol, only the initiator sends a message to the responder; the responder returns no message to the initiator. It is a reasonable choice after weighing security against resource overhead. After studying the existing one-way two-party authenticated key agreement protocols in CL-PKC systems, this thesis makes the following contributions: (1) It points out that all existing one-way two-party authenticated key agreement protocols in CL-PKC systems have security problems, for example they cannot resist ephemeral secret leakage attacks. It analyzes the one-way two-party authenticated key agreement protocol in CL-PKC systems proposed by Lei Zhang, shows that it does not achieve the resistance to ephemeral secret leakage attacks claimed by its author, and gives an attack. (2) Based on the one-round two-party authenticated key agreement protocol in CL-PKC systems proposed by Lippold et al., it establishes a security model suited to one-way two-party authenticated key agreement protocols. In this model, the security of the protocol is guaranteed as long as each of the two communicating parties has one piece of secret information that the attacker has not obtained. (3) Based on the above security model, it improves the protocol proposed by Lei Zhang. The security of the improved protocol rests on the hardness of the CDH (Computational Diffie-Hellman) problem and the GBDH (Gap Bilinear Diffie-Hellman) problem. Through formal proofs for each of the six possible cases of the improved protocol, it concludes that the protocol remedies the Lei Zhang scheme's inability to resist ephemeral secret leakage attacks and meets all the security requirements of a one-way two-party authenticated key agreement protocol. To enable the protocol to achieve stronger security, namely resistance to key-compromise impersonation attacks and forward secrecy, the thesis discusses two directions for improving the protocol.
[Degree-granting institution]: Xidian University
[Degree level]: Master's
[Year degree granted]: 2015
[Classification number]: TN918.4




Article ID: 1855716


Link to this article: https://www.wllwen.com/kejilunwen/wltx/1855716.html

