共查询到20条相似文献,搜索用时 592 毫秒
1.
由于低功耗的移动设备计算和存储能力较低,设计一种高效且强安全的两方匿名漫游认证与密钥协商方案是一项挑战性的工作.现有方案不仅计算开销较高,而且不能抵抗临时秘密泄露攻击.针对这两点不足,提出一种新的两方匿名漫游认证与密钥协商方案.在新方案中,基于Schnorr签名机制,设计了一种高效的基于身份签密算法,利用签密的特性实现实体的相互认证和不可追踪;利用认证双方的公私钥直接构造了一个计算Diffie-Hellman(Computational Diffie-Hellman,CDH)问题实例,能抵抗临时秘密泄露攻击.新方案实现了可证明安全,在eCK(extended Canetti-Krawczyk)模型基础上,探讨两方漫游认证密钥协商方案安全证明过程中可能出现的情形,进行归纳和拓展,并给出新方案的安全性证明,其安全性被规约为多项式时间敌手求解椭圆曲线上的CDH问题.对比分析表明:新方案安全性更强,需要实现的算法库更少,计算和通信开销较低.新方案可应用于移动通信网络、物联网或泛在网络,为资源约束型移动终端提供漫游接入服务. 相似文献
2.
身份认证是阻止恶意车辆传播虚假交通信息的第一道防线。然而由于车载自组网(VANET)中网络带宽和计算能力有限,现有方案不能满足对车辆身份的高效认证需求,也无法实现对恶意车辆的快速匿名追溯。鉴于此,提出一种基于区块链的分布式匿名认证方案。该方案利用零知识证明对VANET中车辆进行快速匿名认证,并采用非线性对的聚合签名实现快速批量认证,有效减少认证过程中产生的计算量。另外,区域性可信机构(RTA)可以实现对恶意车辆身份的匿名追溯,并基于区块链对其身份进行快速撤销;还可以基于本地密钥对车辆的短期匿名身份进行及时更新,保证车辆的匿名性和签名的新鲜性。安全分析与仿真实验表明,所提方案能够满足匿名性、不可链接性等多种安全需求,并能有效降低计算与通信开销,比同类方案在性能上至少提升27.28%。 相似文献
3.
智能车载网联系统作为智慧城市建设的重要组成部分,近年来受到学术界与工业界越来越多的关注。智能车载网联系统中提升了智能车辆的行驶安全性与出行效率,但在开放的环境下数据传输容易被截取,造成敏感信息泄漏。因此需要实现匿名认证并且协商正确的会话密钥,来确保智能车载网联系统敏感信息的安全。该文提出面向分布式智能车载网联系统架构的匿名认证与密钥协商协议。该协议基于中国剩余定理秘密分享技术来保护认证标识符,智能车辆能够以线性的计算开销在不同的区域恢复出对应的标识符,该标识符能够长期安全使用且智能车辆能够在不使用防篡改设备的情况下完成安全认证,路侧通信基站能够检测信息的匿名性和完整性,并与智能车辆协商到后续安全通信的会话密钥,同时实现双向认证。此外,协议能够在复杂的分布式智能车载网联系统中拓展批量匿名认证、域密钥更新、车对车的匿名认证、匿名身份可追踪等实用性功能。安全性与性能分析表明该协议能够安全高效地部署在分布式智能车载网联环境。 相似文献
4.
5.
6.
7.
8.
9.
认证密钥协商协议能够为不安全网络中的通信双方提供安全的会话密钥,但是,大多数的认证密钥协商协议并没有考虑保护用户隐私.论文关注网络服务中用户的隐私属性,特别是匿名性和可否认性,规范了增强用户隐私的认证密钥协商协议应满足的安全需求,即双向认证、密钥控制、密钥确认、会话密钥保密、已知会话密钥安全、会话密钥前向安全、用户身份匿名、用户身份前向匿名、不可关联和可否认,并基于椭圆曲线密码系统设计了一个满足安全需求的隐私增强认证密钥协商协议. 相似文献
10.
11.
Liting Lei Wenfang Zhang Yu Wang Xiaomin Wang 《International Journal of Communication Systems》2019,32(12)
Nowadays, seamless roaming service in heterogeneous wireless networks attracts more and more attention. When a mobile user roams into a foreign domain, the process of secure handover authentication and key exchange (AKE) plays an important role to verify the authenticity and establish a secure communication between the user and the access point. Meanwhile, to prevent the user's current location and moving history information from being tracked, privacy preservation should be also considered. However, existing handover AKE schemes have more or less defects in security aspects or efficiency. In this paper, a secure pairing‐free identity‐based handover AKE protocol with privacy preservation is proposed. In our scheme, users' temporary identities will be used to conceal their real identities during the handover process, and the foreign server can verify the legitimacy of the user with the home server's assistance. Besides, to resist ephemeral private key leakage attack, the session key is generated from the static private keys and the ephemeral private keys together. Security analysis shows that our protocol is provably secure in extended Canetti‐Krawczyk (eCK) model under the computational Diffie‐Hellman (CDH) assumption and can capture desirable security properties including key‐compromise impersonation resistance, ephemeral secrets reveal resistance, strong anonymity, etc. Furthermore, the efficiency of our identity‐based protocol is improved by removing pairings, which not only simplifies the complex management of public key infrastructure (PKI) but also reduces the computation overhead of ID‐based cryptosystem with pairings. It is shown that our proposed handover AKE protocol provides better security assurance and higher computational efficiency for roaming authentication in heterogeneous wireless networks. 相似文献
12.
13.
14.
To solve the problem of security and efficiency of anonymous authentication in vehicular ad hoc network,a pairing-free certificateless batch anonymous authentication scheme was proposed.The public and private keys and pseudonyms were jointly generated by the trusted third party and vehicle,so the system security didn't depend on the tamper device.The scheme can realize authentication,anonymity,traceability,unforgeability,forward or backward security,and so on.Furthermore,under the random oracle model,the scheme can resist Type I and Type II attacks.Because there is no need to use certificates during authentication,the system storage load is effectively reduced.At the same time,the scheme realizes the batch message authentication on the basis of pairing-free operation,so the authentication efficiency is improved.Therefore,the scheme has important theoretical significance and application value in the resource-limited internet of things or embedded environment. 相似文献
15.
Hierarchical identity-based signature(HIBS)has wide applications in the large network. However, the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secret HIBS with a low computation cost. In this paper, a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings, which are independent of hierarchy depth. Furthermore, under the q-strong computational diffie-Hellman problem(q-SDH)assumption, the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model. 相似文献
16.
在电子医疗档案系统中,用户会频繁更新自己的健康数据.若直接使用现有签名方案保证这些数据的可认证性,在泄露用户身份隐私的同时,也需要大量的计算开销.为了解决上述问题,我们利用属性集合来模糊用户的身份信息,并引入可授权第三方-净化者,提出了一个属性基的可净化签名方案.安全性分析证明,本方案保护了用户的匿名性,同时在标准模型下针对给定策略选择消息攻击具有不可伪造性.通过方案对比分析表明,本方案在有效降低用户签名计算开销的同时,还支持树形访问结构,能在大规模属性集下提供灵活的细粒度访问控制. 相似文献
17.
Tianlong Gu Bin Yuan Yining Liu Peng Wang Long Li Liang Chang 《International Journal of Communication Systems》2020,33(6)
Recently, Maria Azees et al proposed an “EAAP: efficient anonymous authentication with conditional privacy‐preserving scheme for Vehicular Ad Hoc Networks.” Their scheme is mainly to solve the problem of high computation time of anonymous certificate and signature authentication, as well as the tracking problem of malicious vehicles. However, some improvements are needed in the protection of anonymous identity and the effective tracking of malicious vehicles. In this paper, our scheme realizes mutual authentication between OBU and RSU, and the RSU is authenticated without using certificate. In order to prevent the anonymous identity of the vehicles from being monitored and tracked, we use the negotiated short‐time key to encrypt the anonymous identity in the vehicle certificates. In addition, our scheme uses a new tracking method for malicious vehicles. Then, we prove the scheme through BAN logic, and it has the properties of authentication, anonymity, unlinkability, privacy protection, and traceability. Finally, we compare the computation cost and communication cost with other schemes, and the scheme has been greatly improved. 相似文献
18.
19.
李德荣 《微电子学与计算机》2010,27(1)
提出了一个具有强匿名性和可选择关联性的环签名框架.环签名框架采用随机数作为可关联标签,即使在获得私钥和公开信息的情况下,随机数作为可关联标签都具有不可重构性.分析了方案的匿名性,可选择关联性. 相似文献
20.
为了实现车载自组织网络中车辆节点之间信息传输的安全认证,该文设计了一种无证书聚合签名方案。提出的方案采用无证书密码体制,消除了复杂的证书维护成本,同时也解决了密钥托管问题。通过路侧单元生成的假名与周围节点进行通信,实现了车辆用户的条件隐私保护。在随机预言模型下,证明了方案满足自适应选择消息攻击下的存在性不可伪造。然后,分析了方案的实现效率,并模拟实现了车载自组网(VANET)环境中车流密度与消息验证的时间延迟之间的关系。结果表明,该方案满足消息的认证性、匿名性、不可伪造性和可追踪性等性质,并且通信效率高、消息验证的时延短,更适合于动态的车载自组织网络环境。 相似文献