移动互联网中匿名认证协议的设计与安全性分析

发布时间：2019-01-03 11:16

【摘要】：移动互联网是继互联网之后人类社会又一个庞大的产业,其正处于爆发式发展的阶段.由于移动互联网的开放性和复杂性,其安全问题的研究已经成为密码学研究领域的热点.用户在享用移动互联网中的服务时,不希望暴露包括自己身份、所处的地理位置等在内的私密信息.在这种情况下,设计一个能够保护用户隐私的安全认证协议显得尤为重要.本文主要针对移动互联网中三种不同应用环境,提出了三个新的认证协议.它们分别是：移动付费电视系统中的匿名认证协议,车载网中的匿名认证协议和多服务器架构环境中的认证协议.主要研究内容如下：1.总结分析Wang和Qin等人的移动付费电视系统中访问控制认证协议的不足之处：无法抵抗冒充攻击和不能提供匿名性的问题.提出的新方案能够克服已有方案的缺陷,并且在随机预言机模型下是可证明安全的.同时,与其他方案相比,新的方案具有更好的性能.2.首先设计了一种高效的基于身份的数字签名机制,并在随机预言机模型下给出了安全性证明.利用该签名机制构造了一个新的IBCPPA协议.该协议能够满足移动车载网的安全需求；同时,与其他同类方案相比,新的IBCPPA协议在性能上具有一定优势.3.在给出移动互联网中多服务器环境的定义和安全模型之后,提出了一个基于生物特性技术的认证协议.安全性分析和性能分析表明,在多服务器架构的应用环境下,新的认证协议在仅仅增加很小的性能消耗前提下能够解决已有方案中存在的安全问题.综上所述,本文针对移动互联网中不同应用环境(移动付费电视,车载网,多服务器环境),提出了三种认证协议.我们对所提出的协议进行了安全性分析和性能分析.和同类协议相比较,这些协议不仅具有更好的安全性,还具有良好的性能,更加适合在现实环境中应用.
[Abstract]:Mobile Internet is another huge industry of human society after the Internet, and it is in the stage of explosive development. Due to the openness and complexity of mobile Internet, the research of its security has become a hotspot in cryptography. Users do not want to expose their identity, location and other private information when they enjoy the services in the mobile Internet. In this case, it is very important to design a secure authentication protocol which can protect the privacy of users. In this paper, three new authentication protocols are proposed for three different application environments in mobile Internet. They are: anonymous authentication protocol in mobile pay TV system, anonymous authentication protocol in vehicle network and authentication protocol in multi-server environment. The main contents are as follows: 1. The shortcomings of access control authentication protocols in mobile pay-TV systems of Wang and Qin are summarized and analyzed, such as the inability to resist impersonation attacks and the inability to provide anonymity. The proposed scheme can overcome the defects of the existing schemes and be proved safe under the stochastic oracle model. At the same time, compared with other schemes, the new scheme has better performance. Firstly, an efficient identity-based digital signature mechanism is designed, and the security proof is given under the random oracle model. A new IBCPPA protocol is constructed by using the signature mechanism. This protocol can meet the security requirements of the mobile vehicle network, and the new IBCPPA protocol has some advantages in performance compared with other similar schemes. After giving the definition and security model of multi-server environment in mobile Internet, a biometric authentication protocol is proposed. Security analysis and performance analysis show that the new authentication protocol can solve the security problems in the existing schemes under the application environment of multi-server architecture with only a small increase in performance consumption. To sum up, this paper proposes three authentication protocols for different application environments (mobile pay TV, vehicular network, multi-server environment) in mobile Internet. We analyze the security and performance of the proposed protocol. Compared with the similar protocols, these protocols not only have better security, but also have good performance, so they are more suitable for application in real environment.
【学位授予单位】：武汉大学
【学位级别】：博士
【学位授予年份】：2016
【分类号】：TP309

【相似文献】