Similar literature
20 similar documents found
1.
Group key agreement protocols are crucial for achieving secure group communications. They are designed to provide a set of users with a shared secret key to achieve cryptographic goals over a public network. When group membership changes, the session key should be refreshed efficiently and securely. Most previous group key agreement protocols need at least two rounds to establish or refresh session keys. In this paper, a dynamic authenticated group key agreement (DAGKA) protocol based on identity-based cryptography is presented. By making use of the members’ values stored in previous sessions, our Join and Leave algorithms reduce the computation and communication costs of members. In the proposed protocol, Setup and Join algorithms need one round. The session key can be refreshed without message exchange among remaining users in Leave algorithm, which makes the protocol more practical. Its security is proved under the decisional bilinear Diffie-Hellman (DBDH) assumption in the random oracle model.

2.
Key agreement in dynamic peer groups   Total citations: 4, self-citations: 0, cited by others: 4
As a result of the increased popularity of group-oriented applications and protocols, group communication occurs in many different settings: from network multicasting to application layer tele- and videoconferencing. Regardless of the application environment, security services are necessary to provide communication privacy and integrity. This paper considers the problem of key agreement in dynamic peer groups. (Key agreement, especially in a group setting, is the stepping stone for all other security services.) Dynamic peer groups require not only initial key agreement (IKA) but also auxiliary key agreement (AKA) operations, such as member addition, member deletion, and group fusion. We discuss all group key agreement operations and present a concrete protocol suite, CLIQUES, which offers complete key agreement services. CLIQUES is based on multiparty extensions of the well-known Diffie-Hellman key exchange method. The protocols are efficient and provably secure against passive adversaries.

3.
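Building on an attribute-based encryption scheme, an attribute-based key agreement protocol is proposed. The characteristics and possible application settings of attribute-based key agreement are discussed; the protocol supports fuzzy authentication, and the key policy it realizes is an access tree structure. The security properties of the protocol are analyzed and a security proof is given. The results show that, compared with existing protocols, this protocol can realize more complex access structures, and its security is proved in the standard model under the decisional bilinear Diffie-Hellman assumption.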

4.
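A new identity-authentication key agreement protocol for Web services in wireless environments is proposed, which provides password privacy, mutual authentication of the communicating parties, and secrecy of the private key. The protocol is built on the challenge-response protocol and the SEKE protocol, and the key design uses the principle of the Diffie-Hellman protocol. Finally, the security properties of the protocol and its performance properties, such as computation cost and communication cost, are analyzed.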

5.
In this paper, we present a strongly secure identity-based (ID-based) two-party authenticated key agreement (AKA) protocol, which captures all basic desirable security properties including master key forward secrecy, ephemeral secrets reveal resistance and so on, and is provably secure in the extended Canetti-Krawczyk (eCK) model. The security of the protocol can be reduced to the standard Computational Bilinear Diffie-Hellman assumption in the random oracle model. Our scheme is secure as long as each party has at least one uncompromised secret. Also, we give a strongly secure variant of the protocol. The variant has a much lower computational overhead than the original scheme, while its security relies on the Gap Bilinear Diffie-Hellman assumption. Currently, there are few ID-based AKA protocols that are provably secure in the strong eCK model. Compared with previous ID-based AKA schemes, our protocols have advantages over them in security or efficiency.

6.
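A general model of a robust secure group communication system is summarized and proposed, and several group key agreement protocols are compared and analyzed. Based on security and efficiency considerations, three of them are selected as objects of study, and how they handle various asynchronous network events and changes in group membership is described. On this basis, their differing robustness is examined, and the basic approach to using them to build robust, reliable and secure group communication systems is explained.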

7.
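Gao Haiying (高海英). Journal of Software (软件学报), 2015, 26(12): 3183-3195
Attribute-based authenticated key agreement (ABAKE) protocols can establish a shared session key for users in communication environments that protect identity privacy, and the ABeCK (attribute-based extended Canetti-Krawczyk) model is a comparatively strong security model suited to analyzing the security of ABAKE protocols. First, the GCPBDHE (gap computational parallel bilinear Diffie-Hellman exponent) assumption is proposed on the basis of the GCDH (gap computational Diffie-Hellman) assumption. Then, an attribute-based authenticated key agreement protocol is proposed based on Waters' attribute-based encryption scheme, and the scheme is proved secure in the ABeCK model provided that the GCPBDHE and CDH assumptions hold. Compared with existing ABAKE protocols that are secure in the ABeCK model, it reduces communication overhead.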

8.
This paper considers the issue on authenticated group key agreement protocol among n users broadcasting communication over an insecure public network. Many authenticated group Diffie-Hellman key agreement protocols have been proposed to meet the challenges. However, existing protocols are either limited by the use of public key infrastructure or by their scalability, requiring O(n) rounds. To overcome these disadvantages, we propose an efficient password-based group key agreement protocol resistant to the dictionary attacks by adding password-authentication services to a non-authenticated multi-party key agreement protocol proposed by Horng. The proposed protocol is very efficient since it only requires constant rounds to agree upon a session key, and each user broadcasts a constant number of messages and only requires four exponentiations. Under the Decisional Diffie-Hellman assumption, we will show the proposed protocol is provably secure in both the ideal-cipher model and the random-oracle model.

9.
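Group authenticated key agreement protocols allow multiple participants to establish a session key over a public channel. An efficient PKC-based certificateless group authenticated key agreement protocol is proposed. Because it uses a certificateless mechanism, it simplifies the complex certificate management of certificate-based protocols and also solves the key escrow problem of identity-based protocols. A rigorous formal proof of the new protocol and a side-by-side comparison of computation cost are also given; the results show that the new protocol is secure and efficient.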

10.
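An identity-based authenticated key agreement protocol with private key generator (PKG) forward secrecy is proposed. The protocol gives a method of computing the shared key jointly from the long-term private keys and ephemeral private keys of both users. The security of the protocol is proved in the standard model, and the analysis shows that the shared key remains secure even if an attacker obtains both parties' ephemeral private keys at the same time or both parties' long-term private keys at the same time. Performance analysis shows that the protocol strikes a good balance between computational complexity and security, the two evaluation criteria for such protocols.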

11.
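A new identity-based group authenticated key agreement protocol is proposed, and its security is formally proved in the standard model based on the hardness of the decisional bilinear Diffie-Hellman problem. The protocol takes into account the dynamics of members in a group session, thereby solving the problem of member turnover in group key agreement. Security and performance analysis shows that the protocol achieves secure session key agreement among participants at low computational cost.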

12.
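Homomorphic key agreement based on ECC   Total citations: 1, self-citations: 0, cited by others: 1
Xiang Guangli (向广利), Zhu Ping (朱平), Zhang Junhong (张俊红), Ma Jie (马捷). Computer Engineering and Design (计算机工程与设计), 2007, 28(13): 3074-3075, 3241
The basics of key management are briefly reviewed and the shortcomings of common key agreement protocols are pointed out. The ECC public-key cryptosystem and homomorphic encryption over the ring of integers are introduced, and a homomorphic key agreement based on ECC is proposed. The protocol mainly uses the ECC public key and the homomorphic encryption mechanism to establish an equal-contribution, forward-secret session key. Compared with the Diffie-Hellman family of key agreement protocols, the proposed protocol is faster to compute; compared with password-based key agreement protocols, it offers better security. The security of the protocol is proved using BAN logic.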

13.
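Xiang Guangli (向广利), Zhu Ping (朱平), Zhang Junhong (张俊红), Ma Jie (马捷). Computer Engineering (计算机工程), 2007, 33(19): 128-129
The basics of key management are reviewed, the RSA public-key cryptosystem and homomorphic encryption over the ring of integers are introduced, and a homomorphic key agreement based on RSA is proposed. The protocol mainly uses the RSA public key and the homomorphic encryption mechanism to establish a session key. Compared with Diffie-Hellman and password-based key agreement protocols, it is respectively faster to compute and more secure. The security of the protocol is proved using BAN logic.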

14.
Quantum secure direct communication protocols offer confidential transmission of classic information over quantum channel without prior key agreement. The ping-pong based protocols provide asymptotic security and detailed analysis of security level provided by each variant of the protocol is required. The paper presents a general method of calculation of the eavesdropped information as a function of the attack detection probability. The method is applied to the ping-pong protocol based on completely entangled pairs of qudits. The upper and lower bounds on the amount of the leaked information and eavesdropping detection probability are provided.

15.
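To ensure the security of big-data-based group communication and to improve communication efficiency and practicality, this paper proposes a new dynamic key transfer protocol. The protocol allows any group member to act as the initiator and distribute the group key; the whole key transfer process requires neither an online trusted center nor a secure communication channel. The security of the protocol rests on the Diffie-Hellman key agreement protocol and a linear secret sharing scheme. When group membership changes, the pairwise secrets shared between the initiator and the other group members need not be updated, so the protocol adapts well to dynamic membership changes. The protocol is suitable for many group-oriented applications based on big data.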

16.
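Building on homomorphic encryption over the ring of integers and the IBE public-key cryptosystem, a homomorphic key agreement based on IBE is proposed. The session key established by the protocol is equal-contribution and forward-secret. Compared with the Diffie-Hellman family of key agreement protocols, the proposed protocol is faster to compute; compared with password-based key agreement protocols, it offers better security. Finally, the security of the protocol is proved using BAN logic.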

17.
Escrowable identity-based authenticated key agreement (AKA) protocols are desirable under certain circumstances especially in certain closed groups applications. In this paper, we focus on two-party identity-based AKA schemes in the escrow mode, and present a strongly secure escrowable identity-based AKA protocol which captures all basic desirable security properties including perfect forward secrecy, ephemeral secrets reveal resistance and so on. The protocol is provably secure in the extended Canetti-Krawczyk model, and its security can be reduced to the standard computational bilinear Diffie-Hellman assumption in the random oracle model. Assuming no adversary can obtain the master private key for the escrow mode, our scheme is secure as long as each party has at least one uncompromised secret. Also, we present two strongly secure variants of the protocol, which are computationally more efficient than the original scheme.

18.
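Self-certified public-key cryptography needs no certificate management and has no key escrow problem, which makes it well suited to resource-constrained wireless sensor networks. However, existing self-certified public-key key agreement protocols for sensor networks suffer from low security and high energy consumption. First, the protocol proposed by Yoon et al. is analyzed and shown to be unable to resist key-compromise impersonation attacks. Then, adopting the "implicit authentication" idea of the MTI protocol family and based on the elliptic curve Diffie-Hellman assumption, a new authenticated key agreement protocol based on the self-certified public-key system, WSN-AKA, is designed. It is the first provably secure key agreement protocol for sensor networks based on a self-certified public-key system. Compared with existing protocols, it not only offers higher security but, because its key agreement needs only two message passes, it also has the highest communication efficiency and the lowest energy consumption.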

19.
The Diffie-Hellman key agreement protocol is based on taking large powers of a generator of a prime-order cyclic group. Some generators allow faster exponentiation. We show that to a large extent, using the fast generators is as secure as using a randomly chosen generator. On the other hand, we show that if there is some case in which fast generators are less secure, then this could be used by a malicious authority to generate a standard for the Diffie-Hellman key agreement protocol which has a hidden trapdoor.

20.
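Chen Jianxiong (陈建熊), Sun Lechang (孙乐昌). Computer Engineering (计算机工程), 2009, 35(15): 162-164
By adding new cryptographic primitives to strand spaces, redefining the preconditions of authentication tests and extending authentication test theory, the theory is made able to analyze cryptographic protocols that use signature operations. By making reasonable assumptions about security protocols based on Diffie-Hellman key exchange, their parameter terms are given the properties of nonces, so that the extended authentication test theory can be applied to them directly. The extended authentication tests are used to analyze a cryptographic protocol that includes signatures and Diffie-Hellman key exchange, and the protocol is found to satisfy the authentication property.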
