哈尔滨工程大学学报
哈爾濱工程大學學報
합이빈공정대학학보
JOURNAL OF HARBIN ENGINEERING UNIVERSITY
2009年
10期
1194-1198
,共5页
公钥密码%基于身份的认证密钥协商%双线性对%标准模型
公鑰密碼%基于身份的認證密鑰協商%雙線性對%標準模型
공약밀마%기우신빈적인증밀약협상%쌍선성대%표준모형
public key cryptography%identity-based authenticated key agreement%bilinear maps%standard model
针对标准模型下可证明安全的基于身份认证密钥协商协议给出了一种有效攻击,指出其无会话密钥托管的协议存在安全缺陷.当密钥生成器(PKG)被恶意控制时,协商的会话密钥仍能被计算出来.为了抵抗这种攻击,给出了一种改进的基于身份认证密钥协商协议. 改进的协议在标准模型下是可证明安全的,具有无会话密钥托管的属性.
針對標準模型下可證明安全的基于身份認證密鑰協商協議給齣瞭一種有效攻擊,指齣其無會話密鑰託管的協議存在安全缺陷.噹密鑰生成器(PKG)被噁意控製時,協商的會話密鑰仍能被計算齣來.為瞭牴抗這種攻擊,給齣瞭一種改進的基于身份認證密鑰協商協議. 改進的協議在標準模型下是可證明安全的,具有無會話密鑰託管的屬性.
침대표준모형하가증명안전적기우신빈인증밀약협상협의급출료일충유효공격,지출기무회화밀약탁관적협의존재안전결함.당밀약생성기(PKG)피악의공제시,협상적회화밀약잉능피계산출래.위료저항저충공격,급출료일충개진적기우신빈인증밀약협상협의. 개진적협의재표준모형하시가증명안전적,구유무회화밀약탁관적속성.
The security of a provably secure identity-based authenticated key agreement protocol in the standard model was analyzed, and it was found that the protocol used in escrowless mode has security flaws. When the private key generator (PKG) is controlled or attacked, all of the session keys can be obtained. To resist this attack, the identity-based authenticated key agreement protocol was improved. This new protocol was proven to be secure in the standard model and has the property of not needing session key escrow.
