本文選題：密鑰協(xié)商　切入點：橢圓曲線密碼體制　出處：《武漢大學(xué)》2017年碩士論文　論文類型：學(xué)位論文

【摘要】：隨著智能手機的不斷普及,人們越來越多地使用移動網(wǎng)絡(luò)來進行通信、購物、理財,這也使移動網(wǎng)絡(luò)的安全問題更加受人關(guān)注,如何構(gòu)建出一個適用于性能較低的移動設(shè)備的安全協(xié)議成為一個非常重要的問題。密鑰協(xié)商協(xié)議是解決網(wǎng)絡(luò)通信安全問題的一個常用方法,在進行會話之前,通信雙方使用密鑰協(xié)商協(xié)議進行互相認(rèn)證并且協(xié)商一個臨時的會話密鑰,然后用該會話密鑰對通信的消息進行加解密,達到通信安全性。密鑰協(xié)商協(xié)議自提出以來,得到不斷的研究與發(fā)展,逐步演化出了多個不同的種類。其中基于身份的密鑰協(xié)商協(xié)議避免了傳統(tǒng)公鑰加密體制中的密鑰管理問題,基于ECC的密鑰協(xié)議具有更高的效率�；谏矸莺虴CC的密鑰協(xié)商協(xié)議同時具備二者的優(yōu)點,是解決移動網(wǎng)絡(luò)通信安全問題的一個好選擇。Farash等人在2014年提出了一個基于身份和ECC的密鑰協(xié)商協(xié)議,該協(xié)議能夠抵抗KCI攻擊且具有完美前向安全性。隨后Shi等人指出Farash等人的協(xié)議存在服務(wù)器模仿攻擊漏洞,并提出了一個新的用戶注冊協(xié)議。然而我們發(fā)現(xiàn)Shi等人的協(xié)議仍不能抵抗服務(wù)器模仿攻擊。為了解決這個問題,我們在服務(wù)器的認(rèn)證消息中添加了一個隨機值,簡化了用戶私鑰,在此基礎(chǔ)上提出了一個新的客戶端-服務(wù)器兩方認(rèn)證密鑰協(xié)商協(xié)議,并在隨機預(yù)言機模型下證明了新協(xié)議能提供客戶端和服務(wù)器之間的互相認(rèn)證和會話密鑰的不可區(qū)分性。此外,本文還對新協(xié)議的安全特性進行了分析,證明了新協(xié)議具有已知會話密鑰安全性、完美前向安全性,能抵抗密鑰泄露模仿攻擊、未知密鑰共享攻擊和重放攻擊,且不存在密鑰控制。另外我們將新協(xié)議和近幾年提出的五個相關(guān)協(xié)議在安全性和性能兩個方面進行了比較,比較結(jié)果表明,我們的協(xié)議不僅在安全性方面有所提升,且具有更高的計算效率。為了驗證協(xié)議在真實環(huán)境中的確實可行性,本文使用Bouncy Castle加密組件和SHA-256來實現(xiàn)協(xié)議中的加密算法,將新協(xié)議在Windows系統(tǒng)和Android系統(tǒng)下進行了實現(xiàn)。實驗運行結(jié)果表明,新協(xié)議在實際環(huán)境中是正確可行的,且計算開銷較小,適用于性能較低的移動設(shè)備。
[Abstract]:With the increasing popularity of smart phones, more and more people use mobile networks to communicate, shop and manage money, which makes the security of mobile networks more concerned. How to construct a security protocol suitable for low performance mobile devices becomes a very important problem. Key agreement protocol is a common method to solve the security problem of network communication. The two sides of the communication use the key agreement protocol to authenticate each other and negotiate a temporary session key, and then use the session key to encrypt and decrypt the message of the communication to achieve communication security. With the continuous research and development, many different types have evolved gradually, among which the identity-based key agreement protocol avoids the problem of key management in the traditional public key encryption system. The key protocol based on ECC has higher efficiency. The key agreement protocol based on identity and ECC has the advantages of both. It is a good choice to solve the security problem of mobile network communication. Farash et al proposed a key agreement protocol based on identity and ECC in 2014. The protocol is resistant to KCI attacks and has perfect forward security. Shi et al later pointed out that Farash et al.'s protocol has a server impersonation vulnerability. A new user registration protocol is proposed. However, we find that Shi et al can not resist server impersonation attacks. In order to solve this problem, we add a random value to the authentication message of the server. Based on the simplification of the user's private key, a new client-server authentication key agreement protocol is proposed. It is proved that the new protocol can provide mutual authentication and indistinguishable session key between the client and the server under the random oracle model. In addition, the security characteristics of the new protocol are analyzed. It is proved that the new protocol has known session key security, perfect forward security, and can resist key leak simulation attack, unknown key sharing attack and replay attack. In addition, we compare the new protocol with the five related protocols proposed in recent years in terms of security and performance. The results show that our protocol not only improves the security, but also improves the performance of the new protocol. In order to verify the feasibility of the protocol in real environment, this paper uses Bouncy Castle encryption component and SHA-256 to implement the encryption algorithm in the protocol. The new protocol is implemented in Windows system and Android system. The experimental results show that the new protocol is correct and feasible in the actual environment, and the computation cost is small, so it is suitable for mobile devices with low performance.
【學(xué)位授予單位】：武漢大學(xué)
【學(xué)位級別】：碩士
【學(xué)位授予年份】：2017
【分類號】：TN918.4

【相似文獻】

相關(guān)期刊論文 前10條

1 張振文;宋海剛;洪流;陳學(xué)廣;;基于提議信息保護下的多屬性協(xié)商協(xié)議研究[J];計算機應(yīng)用研究;2009年12期

2 張永弟;楊光;李榮廷;;帶有時間令牌的多步反復(fù)協(xié)商協(xié)議在異地協(xié)同制造合作伙伴選擇中的應(yīng)用[J];機械設(shè)計與制造;2007年11期

3 鄭明輝;崔國華;;一種基于口令認(rèn)證的高效組密鑰協(xié)商協(xié)議[J];武漢理工大學(xué)學(xué)報;2010年20期

4 祝烈煌;曹元大;廖樂健;;一種可認(rèn)證的群組密鑰協(xié)商協(xié)議[J];計算機工程與應(yīng)用;2006年S1期

5 崔國華;鄭明輝;粟栗;;一種抗阻斷攻擊的認(rèn)證組密鑰協(xié)商協(xié)議[J];計算機科學(xué);2008年01期

6 鐘歡;許春香;;基于身份的多方認(rèn)證組密鑰協(xié)商協(xié)議[J];電子學(xué)報;2008年10期

7 曹帥;張串絨;宋程遠;;基于身份的移動網(wǎng)動態(tài)可認(rèn)證群組密鑰協(xié)商協(xié)議[J];空軍工程大學(xué)學(xué)報(自然科學(xué)版);2011年05期

8 劉天華;朱宏峰;;一種基于樹結(jié)構(gòu)的分布式組密鑰協(xié)商協(xié)議[J];兵工學(xué)報;2012年06期

9 張志軍;郭淵博;劉偉;呂金娜;;基于m叉樹與DH協(xié)議的組密鑰協(xié)商協(xié)議[J];計算機工程;2010年01期

10 潘操;丁輝;王洪元;;一種新的三方認(rèn)證密鑰協(xié)商協(xié)議[J];微電子學(xué)與計算機;2011年07期

相關(guān)會議論文 前2條

1 陳達;張e，

本文編號：1568028