本文關(guān)鍵詞： 安全協(xié)議 認(rèn)證 密鑰協(xié)商 多服務(wù)器環(huán)境 無(wú)線傳感網(wǎng) 橢圓曲線密碼機(jī)制 BAN類(lèi)邏輯　出處：《解放軍信息工程大學(xué)》2014年碩士論文　論文類(lèi)型：學(xué)位論文

【摘要】：隨著互聯(lián)網(wǎng)技術(shù)的快速發(fā)展與應(yīng)用,網(wǎng)絡(luò)信息系統(tǒng)的安全保障問(wèn)題倍受人們的關(guān)注和重視。而作為信息安全保障最有效的手段之一,認(rèn)證密鑰協(xié)商協(xié)議能通過(guò)一系列的信息交互,實(shí)現(xiàn)網(wǎng)絡(luò)中各實(shí)體間的相互認(rèn)證,同時(shí)經(jīng)會(huì)話密鑰協(xié)商建立起一個(gè)安全通道,進(jìn)而實(shí)現(xiàn)傳輸數(shù)據(jù)的各種安全需求。但隨著網(wǎng)絡(luò)信息化高速發(fā)展和應(yīng)用場(chǎng)景的不斷擴(kuò)展,不同的應(yīng)用背景必須配置不同的認(rèn)證密鑰協(xié)商協(xié)議。因此,如何針對(duì)不同的應(yīng)用環(huán)境設(shè)計(jì)相應(yīng)的認(rèn)證密鑰協(xié)商協(xié)議具有重要的理論價(jià)值和應(yīng)用意義。本文針對(duì)不同應(yīng)用環(huán)境下的認(rèn)證密鑰協(xié)商協(xié)議進(jìn)行研究,取得以下成果:1.研究了單服務(wù)器認(rèn)證密鑰協(xié)商協(xié)議。當(dāng)前,大多數(shù)基于智能卡口令的單服務(wù)器認(rèn)證協(xié)議都存在一定安全缺陷,為克服這些缺陷,本文設(shè)計(jì)了一個(gè)具有高安全特性的單服務(wù)器認(rèn)證協(xié)議,同時(shí)具有較高的效率,更適用于實(shí)際環(huán)境;分析了一個(gè)適用于云計(jì)算的單服務(wù)器認(rèn)證協(xié)議,指出其存在的不足,為克服這些不足,引入橢圓曲線公鑰密碼技術(shù),給出一個(gè)新協(xié)議,并進(jìn)行安全和效率分析,分析結(jié)果表明,新協(xié)議在安全性上高于其他協(xié)議,并保持了相對(duì)較高的效率。最后用SPALL方法證明了協(xié)議的安全性。2.研究了多服務(wù)器認(rèn)證密鑰協(xié)商協(xié)議�；贓CDHP難題和ECDLP難題,引入對(duì)稱(chēng)加密算法、電子票據(jù)和生物特征碼(Biometrics)匹配,設(shè)計(jì)了一個(gè)基于動(dòng)態(tài)ID的多服務(wù)器認(rèn)證密鑰協(xié)商協(xié)議。安全和效率分析表明,本協(xié)議在提高安全性的同時(shí),保持了較高的效率,更適用于安全需求較高的資源受限環(huán)境。最后,用SPALL方法證明了協(xié)議的強(qiáng)認(rèn)證性、密鑰協(xié)商正確性和密鑰的機(jī)密性、新鮮性。3.研究了無(wú)線傳感網(wǎng)認(rèn)證密鑰協(xié)商協(xié)議。分析了Yuan提出的加強(qiáng)的雙因子認(rèn)證協(xié)議,指出其不能抵抗離線口令猜測(cè)攻擊、匹配泄露攻擊和網(wǎng)關(guān)節(jié)點(diǎn)冒充攻擊,且未能實(shí)現(xiàn)會(huì)話密鑰協(xié)商等。為克服以上缺陷,設(shè)計(jì)了一個(gè)新協(xié)議,并進(jìn)行安全和效率分析。結(jié)果顯示,新協(xié)議彌補(bǔ)了原協(xié)議的不足,且保持了較高的效率,更適用于實(shí)際環(huán)境。最后,用SPALL方法證明了新協(xié)議滿足密鑰協(xié)商正確性、密鑰機(jī)密性、外部用戶與網(wǎng)關(guān)節(jié)點(diǎn)的相互認(rèn)證及傳感器節(jié)點(diǎn)與網(wǎng)關(guān)節(jié)點(diǎn)的相互認(rèn)證。
[Abstract]:With the rapid development and application of Internet technology, people pay more attention to the security of network information system, and as one of the most effective means of information security. The authentication key agreement protocol can realize the mutual authentication of the entities in the network through a series of information exchange, and at the same time, establish a secure channel through the session key agreement. But with the rapid development of network information and the continuous expansion of application scenarios, different application backgrounds must be configured with different authentication key agreement protocol. How to design the corresponding authentication key agreement protocol for different application environment has important theoretical value and application significance. This paper studies the authentication key agreement protocol under different application environment. The following results are obtained: 1. Single server authentication key agreement protocol is studied. At present, most of the single server authentication protocols based on smart card password have some security defects to overcome these shortcomings. In this paper, a single server authentication protocol with high security characteristics is designed, which has high efficiency and is more suitable for practical environment. This paper analyzes a single server authentication protocol for cloud computing, and points out its shortcomings. In order to overcome these shortcomings, elliptic curve public key cryptography technology is introduced, a new protocol is proposed, and the security and efficiency are analyzed. The results show that the new protocol is more secure than other protocols. Finally, the security of the protocol is proved by the SPALL method. 2. The multi-server authentication key agreement protocol based on the ECDHP problem and the ECDLP problem is studied. A multi-server authentication key agreement protocol based on dynamic ID is designed by introducing symmetric encryption algorithm, electronic note and biometrics matching. The security and efficiency analysis show that. This protocol not only improves security, but also maintains high efficiency, which is more suitable for resource-constrained environment with high security requirements. Finally, the strong authentication of the protocol is proved by SPALL method. The correctness of key agreement and the confidentiality of key. 3. The authentication key agreement protocol of wireless sensor network is studied, and the enhanced two-factor authentication protocol proposed by Yuan is analyzed. It is pointed out that it can not resist off-line password guessing attack matching leak attack and gateway node impersonation attack and fails to implement session key agreement. In order to overcome the above defects a new protocol is designed. The results of security and efficiency analysis show that the new protocol makes up for the shortcomings of the original protocol, and maintains a higher efficiency, which is more suitable for the actual environment. Finally. The SPALL method is used to prove the correctness of the new protocol, the confidentiality of the key, the mutual authentication between the external user and the gateway node, and the mutual authentication between the sensor node and the gateway node.
【學(xué)位授予單位】：解放軍信息工程大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TN918.4

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 金茂順;一種可認(rèn)證密鑰分配方案[J];計(jì)算機(jī)工程與設(shè)計(jì);2002年03期

2 祁明，張凌，唐韶華，肖國(guó)鎮(zhèn);可認(rèn)證密鑰交換方案[J];計(jì)算機(jī)工程與應(yīng)用;1998年03期

3 董小燕,許勇,吳國(guó)新,翟明玉;基于用戶口令的認(rèn)證密鑰交換技術(shù)[J];數(shù)據(jù)通信;2001年03期

4 夏露;鄭燦燦;肖必光;;電子商務(wù)身份認(rèn)證密鑰原理與應(yīng)用研究[J];當(dāng)代經(jīng)理人;2005年04期

5 路守克;史國(guó)川;;身份基認(rèn)證密鑰協(xié)商協(xié)議[J];計(jì)算機(jī)技術(shù)與發(fā)展;2011年12期

6 李建兵;用IC卡實(shí)現(xiàn)登錄控制[J];計(jì)算機(jī)安全;2004年10期

7 劉鋒;高冬梅;程學(xué)翰;;基于可公開(kāi)認(rèn)證密鑰共享的電子現(xiàn)金系統(tǒng)[J];蘭州大學(xué)學(xué)報(bào)(自然科學(xué)版);2007年06期

8 劉文剛;李哠;何明星;;基于簽密的高效可認(rèn)證密鑰協(xié)商協(xié)議[J];計(jì)算機(jī)工程;2011年02期

9 路守克;史國(guó)川;;對(duì)一個(gè)認(rèn)證密鑰協(xié)商協(xié)議的分析與改進(jìn)[J];計(jì)算機(jī)工程與科學(xué);2011年11期

10 李勝金;張昌宏;周大偉;;一種基于ECDH的可認(rèn)證密鑰協(xié)商協(xié)議[J];信息安全與通信保密;2011年07期

相關(guān)會(huì)議論文 前1條

1 劉翠卿;平西建;張濤;王云鶴;;基于GF(2~6)上RS碼的信息隱藏應(yīng)用研究[A];第七屆全國(guó)信息隱藏暨多媒體信息安全學(xué)術(shù)大會(huì)論文集[C];2007年

相關(guān)博士學(xué)位論文 前2條

1 金海e，

本文編號(hào)：1448265