共查询到18条相似文献,搜索用时 54 毫秒
1.
安全的认证密钥协商协议研究 总被引:1,自引:0,他引:1
对基于证书的密钥协商协议的设计与分析进行了比较深入的研究,研究内容包括:可证明安全的基于证书的密钥协商协议以及一种新的可认证密钥协商协议。主要研究成果有:介绍了密钥协商协议的概念和安全特性;提出一个新的认证密钥交换协议AKE-1。AKE-1效率较高,并且在最新的eCK07模型下是安全的,证明基于随机预言假设和CDH假设。另外,基于AKE-1,提出一轮的变体(满足只有一个实体在线)和三轮的变体(提供密钥确认属性),以满足不同的应用。 相似文献
2.
An authentication multiple key agreement protocol allows the users to compute more than one session keys in an authentication way. In the paper, an identity-based authentication multiple key agreement protocol is proposed. Its authentication part is proven secure against existential forgery on adaptively chosen message and ID attacks under the random oracle model upon the CDH assumptions. The session keys are proven secure in a formal CK security model under the random oracle model upon the CBDH assumptions. Compared with the previous multiple key agreement protocols, it requires less
communication cost. 相似文献
3.
Key agreement and identification protocols are much applicable among current protocols in cryptography. These protocols are used for a secure communication through an insecure channel in a network like Internet. Challenge-response identification protocol is an important identification method. In this paper, by making some slight changes in the public-key-based challenge-response identification protocol, we have introduced a new scheme in which the users in addition to authenticating each other can also agree on multiple keys. Then, this protocol'es security from both aspects regarding the identification and key agreement will be analyzed. At the end, we will prove our scheme has a high security and efficiency in comparison with some famous and similar protocols. 相似文献
4.
UAP协议不具有前向保密性和密钥泄露的安全性。论文提出了一种安全的AKC协议,简称SAKC协议,它不仅具有前向保密性和密钥泄露的安全性,还有较好的执行效率。 相似文献
5.
6.
针对GDH(group diffie-hellman)方案中节点可能成为系统的瓶颈以及计算复杂度、通信代价和存储复杂度远高于某些集中式方案等缺陷,提出并实现了一种基于优化GDH协商的高效安全的动态群组密钥管理方案,并对其安全性进行了证明。通过对计算量和通信量进行分析比较表明,优化GDH协商协议具有很大的优势,并且能够快速产生或更新组密钥,具有很强的实用性。 相似文献
7.
8.
钟林惠 《信息安全与通信保密》1984,(1)
“日经ュしクトロニクス”第309号报道:美国HP公司开发了采取公开密钥分发算法的单片LSI,于1982年11月底在迈阿密召开的全球通信会议上公布于世。这种片子能高速度地产生公用密钥。采用NMOS工艺,衬片为3μm,在5mm的角形片子上集成了 相似文献
9.
为了解决现有的组密钥协商机制需要组成员在本地全部参与协商,从而严重制约安全群组通信系统可扩展性与高效性的问题,提出一种基于服务器端的密钥协商策略.该机制中,仅需要与每个组成员连接的服务器组间密钥协商,降低了群组的存储开销和通信开销.同时在客户端函数库内通过设计一个单向映射机制实现从服务器组密钥到群组密钥变换.与基于客户端函数库的密钥协商机制相比,其可扩展性及密钥协商效率更高. 相似文献
10.
分析研究了物联网节点认证与密钥管理技术.针对大量节点同时对物联网网关集中访问的特点,提出了一种快速认证与密钥协商协议.采用会聚认证算法,提高了认证效率,密钥协商过程中每个节点都贡献一份因子参与密钥协商,提高了密钥生成的安全性. 相似文献
11.
Alizadeh Javad Safkhani Masoumeh Allahdadi Amir 《Wireless Personal Communications》2022,126(4):2911-2935
Wireless Personal Communications - Internet of Things (IoT) is a revolution which has influenced the lifestyle of human. Wireless Body Area Networks (WBAN)s are IoT-based applications which have a... 相似文献
12.
With the exponential growth of intelligent Internet of Things(IoT) applications, Cloud-Edge(CE) paradigm is emerging as a solution that facilitates resource-efficient and timely services. However,it remains an underlying issue that frequent end-edgecloud communication is over a public or adversarycontrolled channel. Additionally, with the presence of resource-constrained devices, it’s imperative to conduct the secure communication mechanism, while still guaranteeing efficiency. Physical unclonab... 相似文献
13.
Karuppiah Marimuthu Das Ashok Kumar Li Xiong Kumari Saru Wu Fan Chaudhry Shehzad Ashraf Niranchana R. 《Mobile Networks and Applications》2019,24(3):1046-1062
Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.
相似文献14.
Yu-Wen Chen Jui-Tang Wang Kuang-Hui Chi Chien-Chao Tseng 《Wireless Personal Communications》2012,62(4):965-979
This paper presents an authentication and key agreement protocol to streamline communication activities for a group of mobile stations (MSs) roaming from the same home network (HN) to a serving network (SN). In such a roaming scenario, conventional schemes require the SN to interact with the HN for authenticating respective MSs, at the cost of repeated message exchanges and communication delay. Instead, in our design, when the first MS of a group visits, the SN performs full authentication with the concerned HN and thereby obtains authentication information for the MS and other members. Thus when any other MS of the same group visits, the SN can authenticate locally without subsequent involvement of the HN, so as to simplify protocol operations. We will show that our scheme does not trade performance for security and robustness to the extent that security requirements are unduly weakened. Both qualitative and quantitative discussions indicate that our proposed scheme lends itself to pragmatic settings. 相似文献
15.
16.
针对目前车联网认证密钥协商协议效率低下以及车辆公私钥频繁更新的问题,提出一个基于无证书聚合签名的车联网匿名认证与密钥协商协议.本方案通过引入临时身份和预签名机制实现对车辆的隐私保护以及匿名认证,同时通过构建临时身份索引数据库,实现可信中心对可疑车辆的事后追查,满足车辆的条件匿名性要求.此外,本方案中车辆的公私钥不随其临时身份动态改变,有效避免了已有方案公私钥频繁更新带来的系统开销.同时,为了提供高效的批量认证,采用无双线性对的聚合签名技术,实现了车辆签名的动态聚合和转发,有效降低了签名传递的通信量和云服务器的验证开销.本文方案在eCK模型和CDH问题假设下被证明是形式化安全的. 相似文献
17.
18.
SK Hafizul Islam 《Wireless Personal Communications》2014,79(3):1975-1991
In mobile multi-server authentication, a client can access different servers over an insecure channel like Internet and wireless networks for numerous online applications. In the literature, several multi-server authentication schemes for mobile clients have been devised. However, most of them are insecure against ephemeral secret leakage (ESL) attack and other vulnerabilities. For mutual authentication and key agreement, mobile client and server used ephemeral secrets (random numbers) and leakage of these secrets may be possible in practice. Since these are generated by an external source that may be controlled by an adversary. Also they are generally pre-computed and stored in insecure devices. Thus, if the secrets are leaked then the session key would turn out to be known and the private keys of client and server may be compromised from the eavesdropped messages. This phenomenon is called ESL attack. To defeat the weaknesses, in this paper, we design an ESL attack-free identity-based mutual authentication and key agreement scheme for mobile multi-server environment. The proposed scheme is analyzed and proven to be provably secure in the random oracle model under the Computational Diffie–Hellman assumption. 相似文献