發(fā)布時間：2018-04-03 04:18

  本文選題：k-假名集合　切入點：匿名認證　出處：《西安電子科技大學》2014年碩士論文

【摘要】：互聯(lián)網在給人們的生活帶來便利的同時也引發(fā)了很多安全隱患,尤其是個人信息的泄露造成的不良影響十分廣泛。因此,個人信息的保護日益引起人們的重視。在無線環(huán)境下的身份認證中,越來越多的用戶為了保護自己的隱私信息,更傾向于匿名認證,以防攻擊者獲取用戶的位置并得到更多的個人信息。為了解決利用共享密鑰實現匿名認證的問題,我們提出了基于k-假名集合的匿名身份認證方案,主要做了以下工作:1.提出了基于共享密鑰的k-假名集合匿名認證方案,用戶在提出認證請求后,將包含自己真實身份標識的k-假名集合以及用真實用戶密鑰加密后的信息發(fā)送給認證服務器,認證服務器在最多遍歷k個用戶的共享密鑰和驗證其對應的加密信息后就能夠完成對用戶的認證。2.根據攻擊者的能力定義了兩類攻擊模型,即Dolev-Yao模型和加強的Dolev-Yao模型。此外,我們還分別給出了在Dolev-Yao模型和加強的Dolev-Yao模型下兩種k-假名集合的構造方法,并從安全性及性能等方面分析了兩種方法的優(yōu)勢和不足。3.將所提方案同已有的基于共享密鑰的無線匿名認證方案在安全性方面進行了比較,分別從匿名性、雙向認證、前向保密性和后向保密性、抗別名去同步攻擊、抵抗重放攻擊、抵抗假冒攻擊幾個方面具體分析了方案的安全性,結果表明所提方案具有明顯的優(yōu)勢。4.建立了測試床,實現了所提方案,并分別測試了k-假名集合中的用戶數量k以及同時認證請求的用戶數量對認證時間的影響。大量實驗表明方案所需認證時間短,且認證時間隨k值增加變化不大。同時,對方案進行了定量分析,結果表明它具有計算量小、所需存儲空間小等特點。
[Abstract]:The Internet not only brings convenience to people's life, but also leads to a lot of security risks, especially the adverse effects caused by the leakage of personal information.Therefore, the protection of personal information has increasingly attracted people's attention.In wireless authentication, more and more users prefer anonymous authentication in order to protect their privacy information, so as to prevent attackers from obtaining user's location and getting more personal information.In order to solve the problem of anonymous authentication using shared keys, we propose an anonymous authentication scheme based on k- pseudonym set.This paper proposes an anonymous authentication scheme based on shared key set of k- pseudonyms. After requesting authentication, users send the set of k- pseudonyms containing their real identity and the information encrypted by real user keys to the authentication server.The authentication server can authenticate the user by traversing the shared key of up to k users and verifying their corresponding encryption information.According to the ability of attackers, two kinds of attack models are defined, namely, Dolev-Yao model and enhanced Dolev-Yao model.In addition, we also give two methods of constructing k- kana set under Dolev-Yao model and enhanced Dolev-Yao model, and analyze the advantages and disadvantages of the two methods from the aspects of security and performance.The proposed scheme is compared with the existing wireless anonymous authentication scheme based on shared key in terms of security, including anonymity, bidirectional authentication, forward and backward confidentiality, anti-aliases de-synchronization attack and anti-replay attack, respectively.The security of the scheme is analyzed in several aspects, and the results show that the proposed scheme has obvious advantages. 4.The test bed is established, the proposed scheme is implemented, and the effect of the number of users in the k- pseudonym set k and the number of users for the authentication request on the authentication time is tested respectively.A large number of experiments show that the authentication time is short and the authentication time varies little with the increase of k value.At the same time, the quantitative analysis of the scheme shows that it has the characteristics of less computation and less storage space.
【學位授予單位】：西安電子科技大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TP393.08

【參考文獻】

相關博士學位論文 前1條

1 王繼林;公鑰體制下的匿名問題研究[D];西安電子科技大學;2003年

，

本文編號：1703594