共查询到20条相似文献,搜索用时 0 毫秒
1.
2.
王圣宝等(王圣宝,曹珍富,董晓蕾.标准模型下可证安全的身份基认证密钥协商协议.计算机学报,2007,30(10):1842-1854)提出的标准模型下可证明安全的基于身份的认证密钥协商协议不具有私钥产生中心(PKG)前向安全性。针对该安全缺陷,提出了一种新的基于身份的认证密钥协商协议,协议中给出了一种利用用户私钥和临时秘密信息联合计算共享秘密的方法,并在标准模型下证明了协议的安全性。与已有协议相比,新协议具有较高的执行效率。同时提出了一种PKG与用户共同协商私钥的方法,即用户的私钥由用户产生的部分秘密信息以及PKG的系统主密钥共同生成,从而有效解决了基于身份的认证密钥协商协议的PKG前向安全性问题。 相似文献
3.
群密钥协商(GKA)协议在构建安全多播信道中扮演着主要角色。由于公钥管理的简洁性和高效性,基于身份的认证群密钥协商协议密码系统近年来成为热门研究方向。提出了一个基于Weil对和完全三叉树结构的群密钥协商协议,同时提出了成员加入和离开子协议。对新方案的安全性进行了分析,结果显示,新方案可以抵抗常见的攻击。在性能方面,新方案在参与者较多时有较明显的计算优势。 相似文献
4.
Authenticated group key agreement (GKA) is an important cryptographic mechanism underlying many collaborative and distributed
applications. Recently, identity (ID)-based authenticated GKA has been increasingly researched because of the authentication
and simplicity of the ID-based cryptosystem. However, there are two disadvantages with this kind of mechanism: 1) the private
key escrow is inherent and 2) the Private Key Generator (PKG) must send client private keys over secure channels, making private
key’s distribution difficult. The two disadvantages, particularly secure channels, may be unacceptable for secure group communications
application. Fortunately, we can avoid both of them. In this paper, with bilinear maps on ECC, we present a new authenticated
group key agreement protocol that does not require secure channels. The basic idea is the usual way of circumventing escrow:
double key and double encryption (verification). The secret key of a user is generated by a key generation center (KGC) and
the user collaboratively. Each of them has “half” of the secret information about the secret key of the user, and there is
no secret key distribution problem. In addition, the computation cost of the protocol is very low because the main computation
is binary addition. 相似文献
5.
Kyung-Ah Shim 《Information Sciences》2012,186(1):239-248
In this paper, we propose a round-optimal identity-based authenticated key agreement protocol for a three-party setting in which three parties can actually transmit messages simultaneously. We then give its security proof in the random oracle model under the Bilinear Diffie–Hellman assumption. 相似文献
6.
7.
8.
Group key agreement protocols are crucial for achieving secure group communications.They are designed to provide a set of users with a shared secret key to achieve cryptographic goal over a public network.When group membership changes,the session key should be refreshed efficiently and securely.Most previous group key agreement protocols need at least two rounds to establish or refresh session keys.In this paper,a dynamic authenticated group key agreement(DAGKA) protocol based on identity-based cryptography is presented.By making use of the members’ values stored in previous sessions,our Join and Leave algorithms reduce the computation and communication costs of members.In the proposed protocol,Setup and Join algorithms need one round.The session key can be refreshed without message exchange among remaining users in Leave algorithm,which makes the protocol more practical.Its security is proved under decisional bilinear Diffie-Hellman(DBDH) assumption in random oracle model. 相似文献
9.
10.
对三个标准模型下可证明安全的身份基认证密钥协商协议进行了安全属性缺陷分析,在原方案基础上提出了一个安全增强的新方案。新方案满足目前已知的绝大多数安全属性要求,包括已知会话密钥安全性、抗密钥泄露伪装、抗未知密钥共享、无密钥控制以及消息独立性,特别是满足完美前向安全性、PKG前向安全性、已知会话相关临时秘密信息安全性,同时保持了良好的计算效率。 相似文献
11.
认证密钥协商是保证参与者后续通信安全的一种重要机制。2007年,J.Oh等人提出了一种新的利用椭圆曲线密码体制的基于身份的认证密钥协商协议,该协议最大的特点是可以通过一次会话密钥协商过程生成两个会话密钥。但研究发现,该协议不能抵抗基本的冒充攻击和密钥泄露冒充攻击,详细地描述了这两个安全弱点后提出了一种新的改进方法,并分析了新协议的安全性。 相似文献
12.
With the rapid progress of wireless mobile communication, the authenticated key agreement protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing authenticated key agreement protocols are not suitable for wireless mobile communication. Quite recently, Sui et al. have presented an efficient authenticated key agreement protocol based on elliptic curves cryptography and included their protocol in 3GPP2 specifications to improve the security of A-Key distribution. However, in this paper, we show that Sui et al.'s protocol can't resist the off-line password guessing attack, and therefore present an enhanced authenticated key agreement protocol. At the same time, we also consider including our enhanced protocol in 3GPP2 specifications. 相似文献
13.
14.
15.
针对李、贾的两个无证书三方协议,分别构造具体攻击算法证明方案均有安全缺陷,进一步提出了新的三方认证密钥协商协议并进行分析;由于该协议计算效率的局限性,同时在考虑内部人攻击的情况下采用Schnnor签名提出第二个协议。与同类协议相比,两协议均具有安全性优势,满足完美前向安全、已知会话密钥安全、抗密钥泄露伪装安全和抗临时密钥泄露安全等属性,避免了证书管理和密钥托管的缺陷;协议1与2相比,前者通信成本较低并实现了可证安全,后者计算效率更高且抗内部人攻击,均适用于电子商务、手机漫游或电子会议三方交互应用场景。 相似文献
16.
Many authenticated key agreement protocols based on identity information were published in recent years. Hsieh et al. presented their protocol in 2002. However, Tseng et al. found a flaw in the protocol which resulted in a key compromise impersonation attack. Later, Tseng proposed his protocol conforming which conforms to all desirable security properties and is efficient. In this paper we propose two new two-party identity-based authenticated key agreement protocols. The first is based on Hsieh et al.'s protocol and makes it immune against Tseng et al.'s attack, while the second is an efficiently improved protocol based on Tseng's protocol. 相似文献
17.
Kumari Saru Das Ashok Kumar Li Xiong Wu Fan Khan Muhammad Khurram Jiang Qi Hafizul Islam S. K. 《Multimedia Tools and Applications》2018,77(2):2359-2389
Multimedia Tools and Applications - An authentication scheme handling multiple servers offers a feasible environment to users to conveniently access the rightful services from various servers using... 相似文献
18.
19.
With the rapid development of mobile cloud computing, the security becomes a crucial part of communication systems in a distributed mobile cloud computing environment. Recently, in 2015, Tsai and Lo proposed a privacy-aware authentication scheme for distributed mobile cloud computing services. In this paper, we first analyze the Tsai–Lo’s scheme and show that their scheme is vulnerable to server impersonation attack, and thus, their scheme fails to achieve the secure mutual authentication. In addition, we also show that Tsai–Lo’s scheme does not provide the session-key security (SK-security) and strong user credentials’ privacy when ephemeral secret is unexpectedly revealed to the adversary. In order to withstand these security pitfalls found in Tsai–Lo’s scheme, we propose a provably secure authentication scheme for distributed mobile cloud computing services. Through the rigorous security analysis, we show that our scheme achieves SK-security and strong credentials’ privacy and prevents all well-known attacks including the impersonation attack and ephemeral secrets leakage attack. Furthermore, we simulate our scheme for the formal security analysis using the widely-accepted AVISPA (Automated Validation of Internet Security Protocols and Applications) tool, and show that our scheme is secure against passive and active attacks including the replay and man-in-the-middle attacks. More security functionalities along with reduced computational costs for the mobile users make our scheme more appropriate for the practical applications as compared to Tsai–Lo’s scheme and other related schemes. Finally, to demonstrate the practicality of the scheme, we evaluate the proposed scheme using the broadly-accepted NS-2 network simulator. 相似文献
20.
Yang and Chang (2009) proposed a three-party authenticated key exchange protocol for securing communications in mobile-commerce environments. Their protocol reduces computation and communication costs by employing elliptic curve cryptosystems. However, Tan (2010) pointed out that Yang and Chang (2009)’s protocol cannot withstand impersonation and parallel attacks, and further proposed an enhanced protocol to resist these attacks. This paper demonstrates that Tan (2010)’s approach still suffers from impersonation attacks, and presents an efficient and secure three-party authenticated key exchange protocol to overcome shown weaknesses. 相似文献