组合公钥密码的网格身份认证机制

针对目前以PKI技术为基础的网格安全基础设施认证机制存在的用户规模小、效率低、依赖第三方机构在线运行等问题,提出了基于组合公钥密码的网格身份认证机制.该机制根据离散对数难题的数学原理构建公开密钥与私有密钥矩阵,生成数量庞大的由公开密钥与私有密钥组成的公私钥对,从而实现基于标识的超大规模的密钥生产与分发.通过在网格应用中实现该机制,和网格安全基础设施的认证效率进行了比较,验证了基于组合公钥密码的网格身份认证机制的可行性和高效性.     

A dynamic ID-based authenticated group key exchange protocol without pairings

So far, most of the proposed group key exchange (GKE) protocols do not consider the attack when the adversary reveals the parties’ephemeral private keys without their long-term private keys, so these GKE protocols are insecure on this attack. In this paper, for resisting above attack, we propose a dynamic authenticated group key exchange (AGKE) protocol in the ID-based setting. Different from previous ID-based protocols, our protocol does not utilize bilinear pairings, which makes it more efficient. At last, we analyze the security of the protocol in the eCK (enhanced Canetti-Krawczyk) security model.     

Two-Party Authenticated Key Agreement in Certificateless Public Key Cryptography

0 Introduction To simplify the management of certificates of tradi- tional PKI, Shamir[1] proposed the identity-based public key cryptography (ID-PKC) in which the public key of each party is derived directly from certain aspects of its identity, for exam…     

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.     

New multivariate-based certificateless hybrid signcryption scheme for multi-recipient

With the development of quantum computer,multivariate public key cryptography withstanding quantum attack has became one of the research focus.The existed signcryption schemes from discrete logarithm and bilinear paring are facing the serious threats.Based on multivariate public key cryptography,a new certificateless multi-receiver hybrid signcryption scheme has been proposed.The proposal reduced the cipher text and could handle arbitrary length messages by employing randomness reusing and hybrid encryption,as well as keeping security.In the random oracle model,the scheme’s confidentiality could withstand the IND-CCA2 adversary and its unforgeability could withstand the UF-CMA adversary under the hardness of multivariate quadratic(MQ)problem and isomorphism of polynomials(IP)assumption.It has less computation overhead and higher transmission efficiency than others.It reduced 33%cipher data compared with the existed similar scheme.     

安全高效无证书有序多重签名方案

无证书密码体制(certificateless cryptography,CLC)将用户私钥拆分为部分私钥和秘密值,其中部分私钥由密钥生成中心(key generator center,KGC)生成,而秘密值由用户自己选定,从而解决了基于身份密码体制所固有的密钥托管问题.此外,由于用户公钥由秘密值决定,无需认证中心(certificate authority,CA)对用户的公钥证书进行管理,解决了传统密码体制的证书管理问题.有序多重签名可用于电子政务和电子商务系统实现公文的逐级审批发布,提高认证效率.将有序多重签名和无证书密码相结合,提出一种安全高效的无证书有序多重签名方案,多重签名的长度及验证时间均与签名者个数无关,是紧致的无证书有序多重签名方案.方案使用较少的双线性对且只有一个签名消息,具有较高的计算效率和通信效率.证明了方案在随机预言模型(random oracle model,ROM)下具有不可伪造性.     

基于验证元的多密钥跨域交换协议

摘要:跨域的口令密钥交换协议(C2C-PAKE),可以使处于不同区域的用户通过不同的口令协商出共享会话密钥。本文针对大多数现存的跨域交换协议均需要依赖公钥密码算法效率较低的情况,在一个高效的三方密钥交换协议的基础上,提出了一个基于验证元的跨域密钥交换协议,该协议执行一次就能生成四把会话密钥,且无需使用公钥密码算法,与同类协议相比具有很高的效率。通过安全性分析证明,本文提出的协议能够抵御已知的各种攻击。     

Efficient Authenticated Key Agreement Protocol Using Self-Certified Public Keys from Pairings

An efficient authenticated key agreement protocol is proposed, which makes use of bilinear pairings and selfcertified public keys. Its security is based on the security assumptions of the bilinear Diffie-Hellman problem and the computational Diffic-Hellman problem. Users can choose their private keys independently. The public keys and identities of users can bc verified implicitly when the session key being generating in a logically single step. A trusted Key Generation Center is no longer required as in the ID-based authenticated key agreement protocols. Compared with existing authenticated key agreement protocols from pairings, the new proposed protocol is more efficient and secure.     

基于8阶LFSR序列的可证明安全性公钥密码体制

 为了满足在带宽受限制且带宽费用高的受限制环境下,实施高效率的加密解密与数字签名的需要,使用了数论、近世代数、算法分析等工具,研究节省公钥、私钥存储量和传输信息量的方案。提出基于8阶系数属于GF(p)LFSR序列的公钥密码体制,称之为8LFSR体制。给出8LFSR上的2个重要协议：可证明安全性加密协议和可证明安全性数字签名协议。分析表明,该密码体制的密钥生成简单,速度远快于ECC,其私钥压缩率高达8倍,优于XTR的3倍私钥压缩率,在多种环境下既能显著地提高运算效率又能保证安全性。     

A new certificateless public key encryption scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.     

通过双循环矩阵改进的基于纠错码的身份认证方案

目前所有的公钥密码方案都基于大整数分解或离散对数难题,这些困难问题在量子计算机中都可以在多项式时间内求解,因此所有的公钥方案都将面临危险,而基于纠错码的密码方案可以抵抗量子计算机的攻击,所以很有必要研究基于纠错码的身份认证方案。Stern身份认证方案总体来说很不错,但其公钥太大,达到150 Kbit;Veron提出一种改进的方案,目的也在于减少Stern方案中的公钥,在Veron方案中,Veron用生成矩阵来替代校验矩阵,使得所构造的公钥大大减小,但是其基于的安全性GSD问题没有得到很好地证明。现采用双循环矩阵来解决Stern方案中的密钥太大的问题,就是通过双循环矩阵把私钥嵌入到公钥中。这样做的好处有两点:1所基于的安全性是已被证明为安全的循环码;2改进以后,公钥只有347bit,而私钥大小也只有694 bit。并且分析所构造方案的安全性,将其归结到双循环线性条件下的SD问题。因为使用循环结构,使得实现起来比较容易并且效率很高。这些特点使得方案在轻量级结构的场合具有广阔的应用前景,比如手持终端,云存储环境下的数字签名等场合。     

密码学中伪随机数的产生问题

随着社会步入开放式的网络时代 ,对广泛应用于信息安全的密码学的研究越来越引起有关专业人士的兴趣。目前的加密体制仍以公钥体系为主流 ,且最常见的密钥选取方法就是选取一个具有某种特征的随机数 ,因此随机数的好坏就直接影响到密钥的安全 ,从而也就影响到整个加密体系的安全。本文阐述了一个好的伪随机数序列的条件 ,着重介绍了如何利用线性反馈移位寄存器产生m_序列的方法     

基于NTRU公钥密码系统的RFID通信安全协议的研究

 提出使用NTRU公钥密码系统建立RFID通信安全协议。通过使用构造随机化函数对NTRU公钥密码系统的明文进行动态、随机化映射,使由其映射后的明文具有了动态、随机分布的特性,实现了对明文信息的隐蔽,抵御了对明文信息特性的统计,致使攻击者对所得信息及信息来源无法区分和识别。由此设计的安全协议不仅满足了RFID通信安全协议要求的保密性、认证性等基本功能,而且能够有效地解决流量分析、跟踪攻击、隐私泄漏等RFID系统特殊的安全问题。同时不需要穷尽搜索,不需要密钥同步,密钥存储、密钥管理系统简单,并且具有良好的可扩展性。     

基于可编程逻辑器件的单向壳核函数构造方法

针对构造公钥密码时出现函数单向性和陷门性矛盾的问题, 通过引入单向壳核函数新型公钥密码体制, 根据可编程逻辑器件PLD的设计思想和结构
特征, 给出一种单向壳核函数的构造方法, 其安全性等同于一次一密. 与传统公钥密码体制相比, 单向壳核函数具有更广的包容性和更高的安全性, 是一种灵活性更强的公钥密码体制.     

Applying evolutionary algorithm to public key cryptosystems

A best algorithm generated scheme is proposed in the paper by making use of the thought of evolutionary algorithm, which can generate dynamically the best algorithm of generating primes in RSA cryptography under different conditions. Taking into account the factors of time, space and security integrated, this scheme possessed strong practicability. The paper also proposed a model of multi-degree parallel evolutionary algorithm to evaluate synthetically the efficiency and security of the public key cryptography. The model contributes to designing public key cryptography system too. Foundation item: Supported by the Hi-Tech Research and Development Foundation item: Supported by the Hi-Tech Research and Development Biography; Tu Hang (1975-), male, Ph. D candidate, research directions: Biography; Tu Hang (1975-), male, Ph. D candidate, research directions:     

A Practical Approach to Attaining Chosen Ciphertext Security

Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications （e. g. key transport）, and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the （adaptively） chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.     

一种安全高效的入侵容忍CA方案

CA是PKI中的关键设施。CA的私钥一旦泄漏,该CA签发的所有证书就只能全部作废;因此,保护在线CA私钥的安全是非常重要的。将CA的私钥以门限密码技术分享在n个部件中,不仅保证了CA私钥的机密性和可用性,同时使CA具备了入侵容忍性。所提出的CA方案,私钥以Shamir的拉格朗日多项式方式分享,更适合实际需求,实验表明具有良好的性能。     

Escrow-Free Certificate-Based Authenticated Key Agreement Protocol from Pairings

Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement （CB-AK） protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart＇s protocol.     

一种安全可追责的基于身份密码方案

可追责的基于身份密码体制可以缓解基于身份密码体制的密钥托管问题：仲裁者根据获取的非法私钥判断其是否由私钥生成器恶意生成。本文针对一种可行的可追责的基于身份密码方案,将其中的零知识证明改为用双线性对运算实现;以此为基础,结合一次性签名方案提出一种具有IND—slD—CCA安全性的可追责的基于身份密码方案,并给出相关证明。     

基于身份的移动网动态可认证群组密钥协商协议

群组密钥协商是保证无线网络群组安全通信的重要工具之一。2007年,Tseng等提出一种适合无线移动网络的高效群组密钥协商协议。对Tseng协议安全性进行分析,发现Tseng协议不具备认证性,不能抵御主动攻击。因此,通过改进Tseng协议,提出一种新的动态可认证群组密钥协商协议。该协议基于身份的公钥密码体制,降低了建立和管理公钥基础设施的代价;同时,协议支持节点间的相互认证。分析结果表明：协议满足群组密钥所要求的安全准则,降低了普通节点的计算和通信成本。