共查询到19条相似文献,搜索用时 140 毫秒
1.
移动Ad hoc网络是一种资源有限的移动多跳无线网络。在网络中构建组密钥协商协议时应尽可能地减少资源开销。文中在基于身份的网络安全环境下,设计了一种基于环状结构的组密钥协商协议。该协议采用椭圆曲线上的双线性配对,仅通过单轮通信完成组密钥协商。经过分析,该协议具有等献性,已知密钥安全,无密钥控制等安全属性,适用于Ad hoc网络。 相似文献
2.
3.
4.
针对无线通信中用户进行身份认证与密钥协商存在的安全性与计算量之间的制约关系问题,提出一种基于椭圆曲线离散对数难题(Elliptic Curve Discrete Logarithm Problem,ECDLP)的用户快速认证密钥协商协议。该协议通过对用户注册与认证密钥协商阶段的安全性与计算量进行综合分析,基于ECDLP难题为用户在注册阶段分配唯一身份标识符,通过增加用户注册阶段服务器的计算量,有效降低认证密钥协商阶段的计算量,在保证通信机密性、认证性与完整性的条件下,提高用户进行认证密钥协商的效率。安全性分析与计算量对比的结果表明,与其他同类协议相比,本文所提出的协议能在满足安全需求的前提下,有效地降低认证密钥协商协议的总体计算量。 相似文献
5.
6.
7.
组密钥是安全组通信中实现信息机密性和完整性的关键.适应于MANET有限的计算、通信资源,MANET组密钥管理协议应具有较少的计算量,较低的运算强度.分析了MANET组密钥管理方案所应具备的性质;结合固定网络环境下具有最小通信量的组密钥协商协议STR协议及基于身份标识的公钥密码技术,提出了一个基于身份标识的贡献式MANET组密钥协商管理协议CEAGKP,具有较小的通信量、较强的安全性与可扩展性,能够很好地适应MANET环境的要求.仿真结果证明了CEAGKP具有较好的伸缩性. 相似文献
8.
针对当前GSM-R网络身份认证与密钥协商方案存在扩展性差、用户身份信息易泄露的问题,本文为下一代高速铁路无线通信系统LTE-R提出一种基于自认证公钥体制的认证与密钥协商协议,实现实体间双向身份认证,保护空中接口及有线通信链路. 相似文献
9.
10.
11.
Zuowen Tan 《International Journal of Communication Systems》2015,28(3):534-545
An authenticated group key agreement protocol allows participants to agree on a group key that will be subsequently used to provide secure group communication over an insecure network. In this paper, we give a security analysis on a pairing‐free identity‐based authenticated group key agreement because of Islam et al. We show that the protocol of Islam et al. cannot satisfy the minimal security requirements of the key agreement protocols. We propose an efficient pairing‐free identity‐based authenticated group key agreement for imbalanced mobile network. The proposed protocol can be implemented easily for practical application in mobile networks as it is free from bilinear. Under the difficulty of the InvCDH and CDH we demonstrate that the proposed protocol provides perfect forward secrecy, implicit key authentication and the dynamic functionality. As compared with the group key agreement protocols for imbalanced mobile network, the proposed protocol provides stronger security properties and high efficiency. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
12.
针对Diffie-Hellman密钥交换协议和ECDH密钥协商协议的缺陷,给出了一种改进后的可认证密钥协商协议。该协议具有等献性、密钥不可控、密钥确认、完美前向安全以及抗已知密钥攻击等安全特性。跟以往的密钥协商协议相比,其管理简单、开销较低、安全性高、扩展性较好且实现了身份认证,以较低的计算成本和较高的运算效率实现了通信双方安全的会话密钥协商与密钥验证,能够较好地适用于大规模网络的端到端密钥管理。 相似文献
13.
A secure and efficient password‐authenticated group key exchange protocol for mobile ad hoc networks
Daojing He Chun Chen Maode Ma Sammy Chan Jiajun Bu 《International Journal of Communication Systems》2013,26(4):495-504
Password‐authenticated group key exchange protocols enable communication parties to establish a common secret key (a session key) by only using short secret passwords. Such protocols have been receiving significant attention. This paper shows some security weaknesses in some recently proposed password‐authenticated group key exchange protocols. Furthermore, a secure and efficient password‐authenticated group key exchange protocol in mobile ad hoc networks is proposed. It only requires constant round to generate a group session key under the dynamic scenario. In other words, the overhead of key generation is independent of the size of a total group. Further, the security properties of our protocol are formally validated by a model checking tool called AVISPA. Security and performance analyses show that, compared with other related group key exchange schemes, the proposed protocol is also efficient for real‐world applications in enhancing the security over wireless communications. Copyright © 2011 John Wiley & Sons, Ltd. 相似文献
14.
Internet网络环境中认证与密钥分配的研究 总被引:11,自引:0,他引:11
本文根据ISO制定的OSI安全结构,提出了一种解决intranet安全性问题的全面安全模式,并设计了一个适用于Internet环境的认证与密钥分配协议;新协议采用分层机制,在低层利用intranet本地网的已有认证与密钥分配协议,在高层则采用双钥密码体制来设计跨intranet的认证与密钥分配协议。新协议与已有密码协议有很好的兼容性,且不降低原协议的安全性,并为in-tranet的各种远程访问提供安全保护,有利于网络的安全管理 相似文献
15.
Wang Changji Yang Bo Wu Jianping 《电子科学学刊(英文版)》2005,22(5):485-489
In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang's protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang's protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations. 相似文献
16.
Ad Hoc网络是一种独具特色的网络,作为一种新型的无线,多跳、无中心分布式控制网络,它无需网络基础设施,具有很强的自组织性,鲁棒性.抗毁性和容易构建的特点,其安全问题一直是研究的热点和难点.文中提出了一种改进的基于椭圆曲线密码组合公嘲的ad hoc密钥管理方案.与原方案相比,除了保持快捷地计算出节点的公私钥对、扩展性好、无需证书等特性外,新方案进一步提高了ad hoc网络的安全性,避免了单点失败. 相似文献
17.
The three-party authenticated key agree-ment protocol is a significant cryptographic mechanism for secure communication,which encourages two entities to authenticate each other and generate a shared session key with the assistance of a trusted party (remote server) via a public channel.Recently,Wang et al.put forward a three-party key agreement protocol with user anonymity and alleged that their protocol is able to resist all kinds of attacks and provide multifarious security features in Computer Engineering & Science,No.3,2018.Unfortunately,we show that Wang et al.'s protocol is vulnerable to the password guessing attack and fails to satisfy user anonymity and perfect secrecy.To solve the aforementioned problems,a lightweight chaotic map-based Three-party authenticated key agreement protocol(short for TAKAP) is proposed,which not only could provide privacy protection but also resist a wide variety of security attacks.Furthermore,it is formally proved under Burrows-Abadi-Needham (BAN) logic.Simultaneously,the performance analysis in this paper demonstrates that the proposed TAKAP protocol is more secure and efficient compared with other relevant protocols. 相似文献
18.
目前大部分基于身份的三方认证密钥协商协议都存在安全缺陷,文中在Xu等人提出的加密方案的基础上,设计了一种基于身份的三方认证密钥协商协议.该协议的安全性建立在BDDH假设基础上,经安全性分析,协议具有已知密钥安全,PKG前向安全,并能抵抗未知密钥共享攻击和密钥泄露伪装攻击,因此该协议是一个安全的三方密钥协商协议. 相似文献
19.
由于低功耗的移动设备计算和存储能力较低,设计一种高效且强安全的两方匿名漫游认证与密钥协商方案是一项挑战性的工作.现有方案不仅计算开销较高,而且不能抵抗临时秘密泄露攻击.针对这两点不足,提出一种新的两方匿名漫游认证与密钥协商方案.在新方案中,基于Schnorr签名机制,设计了一种高效的基于身份签密算法,利用签密的特性实现实体的相互认证和不可追踪;利用认证双方的公私钥直接构造了一个计算Diffie-Hellman(Computational Diffie-Hellman,CDH)问题实例,能抵抗临时秘密泄露攻击.新方案实现了可证明安全,在eCK(extended Canetti-Krawczyk)模型基础上,探讨两方漫游认证密钥协商方案安全证明过程中可能出现的情形,进行归纳和拓展,并给出新方案的安全性证明,其安全性被规约为多项式时间敌手求解椭圆曲线上的CDH问题.对比分析表明:新方案安全性更强,需要实现的算法库更少,计算和通信开销较低.新方案可应用于移动通信网络、物联网或泛在网络,为资源约束型移动终端提供漫游接入服务. 相似文献