共查询到20条相似文献,搜索用时 78 毫秒
1.
Escrowable identity-based authenticated key agreement(AKA) protocols are desirable under certain circumstances especially in certain closed groups applications.In this paper,we focus on two-party identitybased AKA schemes in the escrow mode,and present a strongly secure escrowable identity-based AKA protocol which captures all basic desirable security properties including perfect forward secrecy,ephemeral secrets reveal resistance and so on.The protocol is provably secure in the extended Canetti-Krawczyk model,and its security can be reduced to the standard computational bilinear Diffie-Hellman assumption in the random oracle model.Assuming no adversary can obtain the master private key for the escrow mode,our scheme is secure as long as each party has at least one uncompromised secret.Also,we present two strongly secure variants of the protocol,which are computationally more efficient than the original scheme. 相似文献
2.
现有的基于身份(ID)认证协议大多在CK模型中被证明是安全的,而CK模型比扩展的CK模型(eCK模型)更弱。基于NAXOS方法,利用双线性对设计了一种新协议,并基于随机预言假设和GBDH假设,在eCK模型中证明了协议的安全性。与其他的基于身份认证协议相比,新协议的计算复杂度和通信复杂度较低;满足主密钥前向安全性和完美前向安全性,并抗密钥泄漏伪装。 相似文献
3.
Certificateless authenticated key agreement (CL-AKA) protocols have been studied a great deal since they neither suffer from a heavy certificate management burden nor have the key escrow problem. Recently, many efficient CL-AKA protocols without pairings have been built. However, these pairing-free CL-AKA protocols are either not proved in any formal security model or proved under the gap Diffie-Hellman (GDH) assumption, a non-standard and strong assumption. With available implementation technologies, pairings are needed to realize the GDH assumption, which means that these pairing-free CL-AKA protocols are not pure pairing-free. Furthermore, these protocols are insecure in the strengthened eCK (seCK) model, which encompasses the eCK model and considers leakages on intermediate results. In this paper, we present a pure pairing-free CL-AKA protocol, which is provably secure in the seCK model under the standard computational Diffie-Hellman (CDH) assumption. Compared with the existing CL-AKA protocols, the proposed protocol has advantage over them in security or efficiency. 相似文献
4.
Constructing a secure key exchange protocol is one of the most challenging problems in information security. We propose a provably secure two-round two-party authenticated key exchange (2AKE) protocol based on the well-studied CDH assumption in eCK model to provide the strongest definition of security for key exchange protocol when using the matching session to define the partnership. The underlying hardness assumption (CDH assumption) of our protocol is weaker than these of four other provably secure 2AKE protocols in CK model or eCK model and the computational cost of our protocol is reasonable. We also present a three-round variant of our protocol to realize key conformation. 相似文献
5.
Escrowable identity-based authenticated key agreement protocols are welcome in certain closed groups applications, where audit trail is a legal requirement. In this paper, we present a strongly secure one-round escrowable identity-based two-party authenticated key agreement protocol, which captures all basic desirable security properties including perfect forward secrecy, ephemeral secrets reveal resistance and so on, and is provably secure in the extended Canetti–Krawczyk (eCK) model. We show that the security of the protocol can be reduced to the standard computational bilinear Diffie–Hellman assumption in the random oracle model. Assuming that no adversary can obtain the master private key for the escrow mode, our scheme is secure as long as each party has at least one uncompromised secret. To the best of our knowledge, our scheme is the first escrowable identity-based authenticated key agreement protocol provably secure in the eCK model. 相似文献
6.
Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap Diffie-Hellman (GDH) assumption. Furthermore, the proposed protocol is very efficient. 相似文献
7.
Ustaoglu presents a secure and efficient key exchange protocol named CMQV,based on the design rationales of HMQV and NAXOS.Compared with the latter two protocols,on one hand,CMQV achieves high performance of HMQV,and on the other,it is proven secure in eCK model as NAXOS is.However,CMQV enjoys the security proof under gap Diffie-Hellman assumption as indicated by its creators.In this paper,we propose a variant of CMQV,called CMQV+,which is proven secure under a weaker assumption (i.e.computational Diffie-Hellman assumption) in eCK model with random oracles while maintaining the high-performance feature of CMQV as much as possible. 相似文献
8.
9.
10.
Key agreement allows multi-parties exchanging public information to create a common secret key that is known only to those entities over an insecure network. In the recent years, several identity-based (ID-based) authenticated key agreement protocols have been proposed and most of them broken. In this paper, we formalize the security model of ID-based authenticated tripartite key agreement protocol and propose a provably secure ID-based authenticated key agreement protocol for three parties with formal security proof under the computational Diffie–Hellman assumption. Experimental results by using the AVISPA tool show that the proposed protocol is secure against various malicious attacks. 相似文献
11.
A three-party password-based authenticated key exchange (3PAKE) protocol is a useful mechanism to establish a secure session key in a network. However, most current 3PAKE protocols only achieve “heuristic” security; the underlying hardness assumptions of these protocols are not perfect. We propose a 3PAKE protocol which is provably secure if the Diffie–Hellman problem is computationally infeasible (the CDH assumption), even in the 3eCK model where the adversary is allowed to make more queries and have more freedom than previous models. In our formal proof, we use the trapdoor test technique introduced by Cash, Kiltz and Shoup to construct an efficient decision oracle. As far as we know, our protocol is the first provably secure 3PAKE protocol based on the CDH assumption and the first 3PAKE protocol using the trapdoor test technique for the security proof. 相似文献
12.
13.
Shanshan Duan 《Information Sciences》2008,178(3):742-755
In this paper, we present the first certificateless undeniable signature scheme. The scheme does not suffer from the key escrow problem, which is inherent in identity based cryptosystems. Also it can avoid the onerous management of certificates. Particularly, by using some cryptographic and mathematical techniques, we guarantee that the scheme’s two component protocols satisfy the properties of zero-knowledge proofs. To address the security issues, we extend security notions of undeniable signatures to the complex certificateless setting, and consider two different types of adversaries. Based on these formally defined security notions, we prove that in the random oracle model, the certificateless undeniable signature scheme is secure in the sense of existential unforgeability under the Bilinear Diffie-Hellman assumption, and is secure in the sense of invisibility under the Decisional Bilinear Diffie-Hellman assumption. 相似文献
14.
高海英 《计算机研究与发展》2012,49(8):1685-1689
提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标. 相似文献
15.
Rui Zhang Jiqiang Liu Zhen Han Lijuan Zheng 《Computers & Electrical Engineering》2010,36(6):1046-1054
ECC combined public key is a new technology of scalable key management. In this paper, we propose an identity-based encryption (IBE) scheme using ECC combined public key (CPK). The scheme is based on bilinear maps between groups and proved semantically secure in the random oracle model under a variant of Computational Diffie-Hellman (CDH) assumption–Bilinear Diffie-Hellman (BDH) assumption. 相似文献
16.
身份认证方案是一种非常重要和有用的密码学工具.给出了两个高效和可证安全的基于ID的身份认证方案,这两个认证方案都是由高效且在标准模型中基于强Diffie-Hellman假设可证安全的Boneh-Boyen签名方案衍生出来的.分析了这两个基于ID的身份认证方案的安全性,在标准模型中证明一个在被动攻击下防止冒充安全,另一个在主动和并行攻击下也防止冒充安全. 相似文献
17.
18.
可证明安全的多接收者公钥加密方案设计与分析 总被引:2,自引:0,他引:2
针对现有安全广播协议密钥分发效率较低的问题,提出了一种通过多接收者公钥加密实现安全广播的方法.以Shamir的门限秘密共享方案为设计基础,首先提出了一个基于椭圆曲线上双线性变换的具有抗不可区分选择明文攻击(IND-CPA)安全性的多接收者公钥加密方案,然后对所提方案进行安全扩展,在此基础上最终提出了一个具有抗不可区分自适应选择密文攻击(IND-CCA2)安全性的多接收者公钥加密方案.基于双线性判定Diffie- Hellman假设和双线性间隙Diffie-Hellman假设,对上述所声称的IND-CPA安全性和IND-CCA2安全性进行了证明.同时,对方案的正确性及性能等进行了分析和证明.分析发现,该方案是一个安全、有效的公钥加密方案.由一个加密密钥所加密的密文可以被多个解密密钥解密而得到其所对应的明文,这使得该方案具有非常重要的应用,尤其是可以用来实现安全广播,以便在不安全的、开放的网络环境中安全地广播敏感信息. 相似文献
19.
无证书两方密钥协商方案 总被引:3,自引:0,他引:3
给出了一个无双线性对的无证书两方密钥协商方案,并演示了这些不安全无证书方案存在的攻击.只要每方至少有1个未泄露的秘密值,该方案在最强的安全模型下就是安全的.即使密钥生成中心知道双方的临时私钥或显示双方的秘密值/替换公钥(但不能同时),但只要计算Diffie-Hellman假设成立,该方案在随机预言机模型下也被证明是安全的.该方案消除了对运算,与其他无证书密钥协商方案相比,该方案是己知无证书安全协商方案中计算复杂度最低的.该方案尤其适合于带宽受限的通信环境中使用,如Ad Hoc网络、无线传感器网络等. 相似文献
20.
标准模型下的无证书签密方案 总被引:1,自引:0,他引:1
目前大多数基于身份的数字签名方案的安全性是基于随机预言模型进行证明的,但是许多方案都存在安全性问题。提出一种安全、高效的基于身份的无证书签密方案,并且在标准模型下证明该方案是安全的,方案的安全性可规约为q-ABDHE困难问题。与现有的标准模型下安全的基于身份的无证书签密方案相比,方案的通信代价更小,执行效率更高。 相似文献