短签名算法研究及其在移动云计算中的应用

发布时间：2018-12-21 13:46

【摘要】：随着智能手机、平板电脑等移动终端的广泛普及,移动互联网(MI,Mobile Internet)应运而生,但是移动终端存在着诸如存储空间小、计算能力弱等一系列缺陷,云计算(CC,Clouding Computing)的兴起为解决移动终端的有限性提供了一种新的计算模式,从而产生了移动互联网和云计算服务的优势结合体——移动云计算(MCC,Mobile Clouding Computing)。作为一种超级计算模式,移动云计算使得用户可以通过移动互联网根据需求访问相应的计算机和存储系统,随时随地获取所需的资源和服务并方便的实现数据交换,从而降低了对移动终端的性能要求,使得移动互联网得到飞速发展。虽然云计算的引入解决了移动终端的资源有限性,但是由于云计算中数据存储在“云”端,由企业垄断,他们仅可以提供商业性的信誉保障,用户不再拥有对数据的控制能力,且若恶意用户接入云计算,将会对“云”中数据的安全造成极大的威胁,因此如何实现云计算中用户的安全接入及数据的安全存储已经成为如今的研究热点。本文研究的重点是对移动云计算接入认证协议中存在的一些安全问题进行改进。本文首先提出了一种无证书短签名算法,其具有如下优势:首先,消除了签名阶段的对运算,验证阶段只需两个对运算,且签名长度减少到160比特,具有高效的计算效率;其次,用户的公钥与其对应的私钥绑定,不仅避免了公钥替换攻击,并且恶意KGC攻击也难以实现;再次,证明了新方案在随机预言机模型下对自适应选择消息攻击是存在性不可伪造的;最后,对本论文提出的无证书短签名算法在软件环境下实现了仿真和评估,证明新算法拥有较高的安全性和执行效率。在上述无证书短签名算法的基础上,我们对移动云计算服务中基于开放身份(Open ID)认证协议中存在的安全问题进行了改进,提出了一种新的用户安全接入认证协议,本协议流程简单,计算复杂度低,实现了用户匿名性、不可否认性、双向认证、密钥建立等安全特性,提高了用户的接入效率和安全性。
[Abstract]:With the wide popularity of mobile terminals such as smart phones and tablets, the mobile Internet (MI,Mobile Internet) came into being, but mobile terminals have a series of defects such as small storage space, weak computing power, cloud computing (CC,). The rise of Clouding Computing) provides a new computing model to solve the limitation of mobile terminals, which leads to the combination of the advantages of mobile Internet and cloud computing service-Mobile Cloud Computing (MCC,Mobile Clouding Computing). As a super computing model, mobile cloud computing enables users to access the corresponding computers and storage systems according to their needs through the mobile Internet, obtain the required resources and services at any time, anywhere and easily realize data exchange. Therefore, the performance requirements of mobile terminals are reduced, and mobile Internet is developed rapidly. Although the introduction of cloud computing has solved the limited resources of mobile terminals, because the data in cloud computing is stored in the "cloud" end and monopolized by enterprises, they can only provide commercial credit protection, and users no longer have the ability to control the data. And if malicious users access cloud computing, it will pose a great threat to the security of data in the cloud. Therefore, how to realize the secure access of users and the secure storage of data in cloud computing has become a hot research topic. This paper focuses on improving some security problems in mobile cloud computing access authentication protocol. In this paper, a certificate free short signature algorithm is proposed, which has the following advantages: firstly, the pair operation in the signature phase is eliminated, only two pairs of operations are required in the verification phase, and the signature length is reduced to 160 bits, so it has an efficient computing efficiency. Secondly, the user's public key is bound to its corresponding private key, which not only avoids the public key substitution attack, but also the malicious KGC attack is difficult to implement. Thirdly, it is proved that the new scheme is unforgeable to the adaptive selection message attack under the random oracle model. Finally, the simulation and evaluation of the certificateless short signature algorithm proposed in this paper is carried out in the software environment, which proves that the new algorithm has high security and execution efficiency. Based on the above algorithms, we improve the security problems in the open identity (Open ID) authentication protocol in mobile cloud computing services, and propose a new user security access authentication protocol. The protocol has the advantages of simple flow, low computational complexity, user anonymity, non-repudiation, bidirectional authentication, key establishment and so on, and improves the access efficiency and security of users.
【学位授予单位】：西安电子科技大学
【学位级别】：硕士
【学位授予年份】：2014
【分类号】：TN918.91

【相似文献】