Similar literature
18 similar documents found; search took 156 ms.
1.
The Diffie-Hellman key exchange protocol lets two communicating parties establish a shared key over an untrusted channel and thus communicate securely. This paper observes that the protocol's security rests on a DH-safe large prime P and its primitive root g. It proves that a DH-safe large prime of the form P = 2q + 1 (where q = 4i + 1 is a large prime) has q - 1 primitive roots, shows that the remaining primitive roots can be generated quickly from P's smallest primitive root 2, and proposes a fast algorithm for generating the safe large prime P and refreshing its primitive root g.

2.
By analysing the security of an existing three-party key exchange protocol, this paper points out its security weaknesses and, on that basis, proposes a three-party key exchange protocol with a complete mutual authentication mechanism. The protocol relies on the hardness of the computational Diffie-Hellman problem, needs only three rounds for the communicating parties to negotiate a session key, is computationally more efficient than most existing protocols, and is shown to be secure by a security analysis.

3.
Symmetric-key systems have a striking speed advantage over asymmetric-key systems, but managing the keys of a symmetric-key system is a difficult problem. Diffie-Hellman key exchange is a cryptographic protocol that lets two communicating parties jointly establish a shared key over an untrusted channel and then use it in a subsequent symmetric-key communication system. Note, however, that the Diffie-Hellman key exchange protocol does not support authentication of the established key. A malicious attacker Mallory sitting between the two participants Alice and Bob can actively manipulate the messages of a protocol run and successfully mount a so-called man-in-the-middle attack. Therefore, to genuinely negotiate a key between Alice and Bob, each must be assured that the messages received during the protocol run really come from the other party. This paper presents a token-based authenticated key exchange protocol that improves on Diffie-Hellman key exchange, which is essential for e-commerce and many other network applications. It also gives a security analysis of the protocol and describes a Java implementation.

4.
The Diffie-Hellman protocol is a discrete-logarithm-based key exchange algorithm for formal settings; it requires the two communicating parties to establish a long-term trusted partnership. Building on the polymorphic Diffie-Hellman key exchange protocol, this paper proposes a more secure polymorphic key exchange protocol design in which the identity information of both parties is attached to the exchange, and the two parties' respective pseudo-random sequence generators jointly construct a polymorphic S-box; such a polymorphic S-box can be widely applied in informal settings.

5.
Li Min, Lu Jianzhu, Huang Yishuan. Microcomputer Development (微机发展), 2006, 16(10): 153-154
The Diffie-Hellman (D-H) algorithm provides key exchange for cryptosystems; its security depends on the difficulty of computing discrete logarithms, and the Diffie-Hellman key exchange protocol provides forward secrecy. By analysing the Diffie-Hellman key exchange protocol, this paper gives a cryptographic protocol with forward secrecy that can be applied to any asymmetric cryptosystem.

6.
Key establishment is at the core of cryptography-based data protection and is also the key to protecting packets on the Internet. This paper introduces several schemes by which two communicating entities in Internet protocols negotiate and establish keys using Diffie-Hellman key exchange, and discusses the characteristics of each scheme.

8.
Key establishment is at the core of cryptography-based data protection and is also the key to protecting packets on the Internet. This paper introduces several schemes by which two communicating entities in Internet protocols negotiate and establish keys using Diffie-Hellman key exchange, and discusses the characteristics of each scheme.

9.
AKey is the root key of the security protocols in 3GPP2 networks and is used to derive subkeys, so its security is critical to the security of the whole system. 3GPP2 uses OTASP technology to negotiate AKey via the Diffie-Hellman key exchange protocol. Based on an analysis of the AKey exchange process and the AKey computation method, this paper studies the security of the mechanism and proposes possible improvements.

10.
The Diffie-Hellman key exchange algorithm is a method in which the two parties exchange public keys before communicating in order to derive a key.

11.
This paper analyses the security of a password-based group Diffie-Hellman key exchange protocol proposed in the literature and finds a security flaw: it cannot resist an offline dictionary attack launched by a user. To address this flaw we improve the protocol; the improved protocol retains all the security properties of the original scheme, effectively resists offline dictionary attacks, and is therefore more secure than the original.

12.
There have been many proposals in recent years for password-authenticated key exchange protocols, i.e., protocols in which two parties who share only a short secret password perform a key exchange authenticated with the password. However, the only ones that have been proven secure against offline dictionary attacks were based on Diffie–Hellman key exchange. We examine how to design a secure password-authenticated key exchange protocol based on RSA. In this paper, we first look at the OKE and protected-OKE protocols (both RSA-based) and show that they are insecure. Then we show how to modify the OKE protocol to obtain a password-authenticated key exchange protocol that can be proven secure (in the random oracle model). This protocol is very practical; in fact, it requires about the same amount of computation as the Diffie–Hellman-based protocols. Finally, we present an augmented protocol that is resilient to server compromise, meaning (informally) that an attacker who compromises a server would not be able to impersonate a client, at least not without running an offline dictionary attack against that client's password.

13.
To address network security problems such as information leakage and tampering that arise during data exchange in railway bridge monitoring systems in an open Internet environment, this paper proposes a data transmission protocol for railway bridge monitoring based on a short signature scheme. First, an identity-based short signature scheme is constructed on the basis of the Boneh short signature. Then the scheme's security is proved in the random oracle model under the inverse computational Diffie-Hellman problem (Inv-CDHP) assumption, and the scheme is applied to the bridge monitoring data transmission protocol. Finally, the key code of the implementation is given and the scheme is compared experimentally with several others. The experimental results and analysis show that the average running time of the new scheme is close to that of the classic Boneh scheme, while compared with the Fangguo Zhang scheme and the Leyou Zhang scheme the average time is reduced by 6% and 22% respectively. The scheme therefore has advantages in signature length and efficiency and can effectively solve the lack of integrity protection and identity authentication for monitoring data.

14.
The MQV key agreement protocol has been adopted by the IEEE P1363 committee as a standard; it uses a digital signature to sign the Diffie–Hellman public keys without using any one-way hash function. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol that enables two parties to establish multiple common secret keys in a single round of message exchange. However, the Harn–Lin protocol suffers from the known-key attack if all the established secret keys are adopted. Recently, Tseng proposed a new generalized MQV key agreement protocol without one-way hash functions and claimed that it is robust, since it withstands the forgery attack and the known-key attack. In this paper we show that this protocol is not secure, since the receiver can forge signatures. We also propose an improved authenticated multiple-key agreement protocol that is secure against the forgery attack and the known-key attack.

15.
Deng Shaofeng, Deng Fan, Li Yifa. Journal of Computer Applications (计算机应用), 2010, 30(7): 1805-1808
The Combined Public Key (CPK) cryptosystem needs no certificates to guarantee the authenticity of public keys and overcomes the problem of user private keys being generated entirely by the key management centre. Based on CPK, this paper designs a constant-round group key exchange protocol that is provably secure under the CDH assumption and has perfect forward secrecy; it negotiates a group session key in only two rounds of communication and is efficient in both communication and computation. It also efficiently supports dynamic joining and leaving of group members: especially when multiple members join or leave, the group key can be updated with only a small amount of additional communication and computation, ensuring forward and backward secrecy. Furthermore, the protocol provides a strong security guarantee: the key remains secret unless one party's ephemeral private key and long-term private key are both leaked. Finally, the protocol provides a method for designing constant-round strongly secure group key exchange protocols; most secret sharing schemes can be applied to it directly.

16.
In a group Diffie–Hellman (GDH) key agreement protocol, all group members collaboratively establish a group key. Most GDH key agreement protocols take the natural generalization of the original Diffie–Hellman (DH) key agreement protocol, arranging all group members in a logical ring or a binary tree and exchanging DH public keys. The computational cost and the number of communication rounds are the two most important factors affecting the efficiency of a GDH protocol when there are a large number of group members. In this paper, we propose GDH key agreement protocols based on a secret sharing scheme. In addition, we use one-way key confirmation and digital certificates of DH public keys to provide authentication of group keys. In the proposed authenticated GDH key agreement protocol, each group member needs three rounds of broadcast messages, n modular exponentiations, n polynomial interpolations and n one-way function evaluations. Our proposed solution is efficient, robust and secure.

17.
An identity-based authenticated key exchange (IBAKE) protocol is one of the most important cryptographic primitives: it enables two parties to establish a common secret key using their identities, without sending and verifying public key certificates. Recently, much work has been devoted to designing efficient and secure IBAKE protocols without bilinear pairings, which are computationally expensive. Unfortunately, most of the proposed protocols cannot provide Perfect Forward Security (PFS), a major security goal of authenticated key exchange protocols. In this paper we present an efficient and provably secure IBAKE protocol with PFS. Our protocol relies on the technique known as the concatenated Schnorr signature and can be viewed as a variant of the protocol proposed by Fiore et al. in 2010. Using the Canetti–Krawczyk security model, we prove that the protocol is secure with PFS under the Computational Diffie–Hellman assumption in the random oracle model. The protocol is of interest because it offers a remarkable combination of advanced security properties and efficiency, and its security proof is succinct and intelligible.

18.
Key agreement allows multiple parties exchanging public information over an insecure network to create a common secret key known only to those entities. In recent years, several identity-based (ID-based) authenticated key agreement protocols have been proposed, and most of them have been broken. In this paper, we formalize the security model of ID-based authenticated tripartite key agreement protocols and propose a provably secure ID-based authenticated key agreement protocol for three parties, with a formal security proof under the computational Diffie–Hellman assumption. Experimental results obtained with the AVISPA tool show that the proposed protocol is secure against various malicious attacks.


Copyright © Beijing Qinyun Technology Development Co., Ltd. (北京勤云科技发展有限公司), ICP licence 京ICP备09084417号