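Research on One-Way Two-Party Authenticated Key Agreement Protocols in the CL-PKC Setting
Published: 2018-05-07 06:11
Topic of this thesis: certificateless public key cryptography + authenticated key agreement. Reference: Xidian University, 2015 master's thesis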
[Abstract]: With the rapid development of information technology, information security has become an important topic. Protecting information transmitted over a public channel from attack relies on cryptography, the core technology of information security. Before the transmitted information can be encrypted with a cryptographic algorithm, the legitimate communicating users must first share a session key. One of the main means of sharing a session key is authenticated key agreement, and the core of authenticated key agreement is the design of authenticated key agreement protocols. These protocols are generally designed on top of a public key cryptosystem. Compared with authenticated key agreement protocols based on PKI (Public Key Infrastructure) and ID-PKC (Identity-based Public Key Cryptography), protocols based on CL-PKC (Certificateless Public Key Cryptography) have clear advantages. Two-party authenticated key agreement is a major branch of authenticated key agreement, and one-way two-party authenticated key agreement is one way of realizing it. In a one-way two-party authenticated key agreement protocol, only the initiator sends a message to the responder; the responder returns no message to the initiator. It is a reasonable choice after weighing security against resource overhead. After studying the existing one-way two-party authenticated key agreement protocols in the CL-PKC setting, this thesis does the following work. (1) It points out that all existing one-way two-party authenticated key agreement protocols in the CL-PKC setting have security problems, for example that they cannot resist ephemeral secret leakage attacks. It analyzes the one-way two-party authenticated key agreement protocol for CL-PKC proposed by Lei Zhang, points out that the protocol does not achieve the resistance to ephemeral secret leakage attacks that its author claims, and gives an attack. (2) Building on the one-round two-party authenticated key agreement protocol for CL-PKC proposed by Lippold et al., it establishes a security model suited to one-way two-party authenticated key agreement protocols. In this model, the security of the protocol is guaranteed as long as each of the two communicating parties has one piece of secret information that the attacker has not obtained. (3) Based on this security model, it improves the protocol proposed by Lei Zhang. The security of the improved protocol rests on the CDH (Computational Diffie-Hellman) hard problem and the GBDH (Gap Bilinear Diffie-Hellman) hard problem. From formal proofs of each of the six possible cases of the improved protocol, it concludes that the protocol remedies the inability of Lei Zhang's scheme to resist ephemeral secret leakage attacks and meets all the security requirements of a one-way two-party authenticated key agreement protocol. To let the protocol meet stronger security requirements, namely resistance to key compromise impersonation attacks and forward secrecy, the thesis also discusses two directions for improving the protocol.
[Degree-granting institution]: Xidian University
[Degree level]: Master's
[Year degree granted]: 2015
[Classification number]: TN918.4
Article ID: 1855716
Link to this article: http://sikaile.net/kejilunwen/wltx/1855716.html