Identity Based Group Key Agreement from Bilinear Pairing

0 IntroductionMulticast isthe core component of the groupcommunica-tions .There are several schemes proposed for securemulticast . The logical key hierarchy (LKH) was proposed byWonget al[1].Inthat ,the groupcontroller (GC) maintains alogical key tree where each node represents a key encryptionkey. An opti mizationthat haves the size of the rekeying mes-sages is described by Canettiet al[2]using a pseudo-randomgenerator tree(OFCT) . Another methodis the one-wayfunc-tion protocol (OFT)[3…     

Password-Based Group Key Agreement Protocol for Client-Server Application

0 IntroductionWith the rapid advances of computer networks , moreand more users are connecting together to exchangelarge amounts of information and share useful resources .However ,the security issue is still a major gating factor fortheir full adoption; mainly due to many malicious adversariesresidingin networked environments will eavesdrop,interceptand modify the transmittedinformation.The client-server model , over past years , has enjoyedsignificant and continually increasing popularity in…     

A deniable authenticated key agreement protocol

This paper presents a deniable authenticated key agreement protocol. This protocol can provide an authenticated session key while the sender and the receiver can deny their involvement in such a protocol if the protocol is executed successfully. Then both can deny their transmitted messages protected by the authenticated session key. If this protocol fails, no authenticated session key can be established and no protected messages can be transmitted. The protocol can be proved secure against key compromise impersonation attack. The protocol employs a new method to isolate a session key from confirmation keys.     

一个适用于移动通信系统的高效双向认证和密钥协商协议

提出了一个基于公钥加密的无线双向认证和密钥协商协议，解决了无线通信中的身份认证和密钥协商问题。该协议只需两次通信即可完成，且只需进行很少量的信息传输，具有结构简单、运算量小、执行效率高等特点，特别适用于计算资源有限的移动用户，具有较高的实用性。     

一个适用于移动通信系统的高效双向认证和密钥协商协议

提出了一个基于公钥加密的无线双向认证和密钥协商协议，解决了无线通信中的身份认证和密钥协商问题。该协议只需两次通信即可完成，且只需进行很少量的信息传输，具有结构简单、运算量小、执行效率高等特点，特剐适用于计算资源有限的移动用户，具有较高的实用性。     

一个适用于移动通信系统的高效双向认证和密钥协商协议

提出了一个基于公钥加密的无线双向认证和密钥协商协议,解决了无线通信中的身份认证和密钥协商问题.该协议只需两次通信即可完成,且只需进行很少量的信息传输,具有结构简单、运算量小、执行效率高等特点,特别适用于计算资源有限的移动用户,具有较高的实用性.     

安全高效的空间信息网中群组密钥交换协议

为实现空间信息网中保密通信,提出一个适用于空间信息网的群组密钥交换协议。协议充分考虑了空间信息网中结点的通信特点,所有的卫星结点根据其所在的轨道划分为不同的簇。协议由簇内阶段、簇间阶段和密钥分发阶段组成,每个结点均生成密钥贡献值并汇总至地面中心结点,中心结点生成密钥并秘密发送给每个结点。证明了协议具有语义安全性,进行了通信复杂度分析并利用NS2软件进行了仿真验证。结果表明:相比其他协议,本文协议在空间信息网中应用时具有较高的通信效率。     

一种安全的多层移动自组网密钥管理方案

针对移动自组网群通信中的安全问题,提出1种多层移动自组网安全分层密钥管理方案(HKMS)。其具体内容是:首先,为了简化群结构的管理,基于多层结构模型提出双层密钥管理方案,采用节点间的交换密钥和群密钥对数据包进行双重加密,提高网络通信的安全性;针对移动自组网拓扑结构频繁变化导致群结构维护复杂问题,对节点加入和节点离开2方面进行讨论;其次,从前向安全和后向安全2方面对方案的安全性进行分析;最后,与类似方案的性能进行比较分析。研究结果表明:该方案对节点的存储量要求较低,节点加入退出相关操作的执行效率等较高,简化了群管理与维护,能有效地减少群密钥重分发数。     

Efficient Certificateless Authenticated Key Agreement Protocol from Pairings

0 IntroductionKey agreement protocol is vital to Web security,whichallows two communication parties (i .e.the Web cli-ent and Web server) to establish a secret session key overan open network. The session key,generated with contri-butions fromall the communicating parties ,is usually sub-sequently be used to achieve some cryptographic goal be-tweenthe Web clients and servers ,such as confidentialityor dataintegrity. The first two-party key agreement proto-col was first proposed by Diffie and…     

无线网中基于ECC的认证和密钥交换协议

为适应密码技术在无线通信中的应用要求,Aydos、Mangipudi等人以椭圆曲线密码为基础,分别提出了适用于无线通信网络的身份认证和密钥交换协议.而研究发现,这些协议中仍存在中间人攻击、服务后否认、假冒攻击等安全隐患,且不能提供前向保密性.为此,本文提出一个安全的身份认证和密钥交换协议,经验证说明该协议不仅能防止上述安全隐患,而且执行效率更好,适于为无线通信环境中用户端与服务器间进行相互认证,建立一个双方共享的会话密钥.     

Escrow-Free Certificate-Based Authenticated Key Agreement Protocol from Pairings

Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement （CB-AK） protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart＇s protocol.     

基于身份的多服务器认证密钥协商方案

将基于身份的密码体制与远程多服务器密钥协商相结合,提出一种基于身份的远程多服务器密钥协商方案.用户注册时由私钥生成中心颁发私钥并安全存放于智能卡中.用户登录服务器前,双方采用基于身份的双线性配对计算进行双向身份认证,并协商生成会话密钥.服务器端无须保存口令表,用户端无须建立数据表存储相关登录信息,无须在终端能离线更改登录口令.该方案减少了密钥协商的通信开销、计算开销以及存储开销,在标准BR安全模型下该方案被证明是安全的.     

一种适用于基于身份的认证密钥协商的逆向防火墙协议

基于身份的认证密钥协商允许两方或者多方在不安全信道上建立安全的会话密钥。目前的认证密钥协商协议无法抵抗导致随机数泄露的后门攻击,比如已知特定于会话的临时攻击。基于此,我们设计了一种适用于基于身份的两方认证密钥协商的逆向防火墙协议。该协议在随机预言机模型下是安全的,能够抵抗强的临时会话秘密值泄露攻击,提供了消息抗泄露性。同时该协议不使用双线性对,节省了系统运行时间。最后,利用JPBC库实现了该协议。实验结果表明了该协议与同类型的协议相比,具有较小的带宽和较短的运行时间,十分适合应用于资源受限的系统中。     

用于移动设备应用程序的群密钥交换方案

为了解决当前基于云计算技术的弹性应用程序模型安全通信问题,该文提出一种群密钥管理方案。这一方案使用分类预测和基于公钥密码学的密钥交换方法相结合的方式,通过数据挖掘中的分类预测方法来完成密钥协商过程中的认证操作,并使用公钥密码学中的密钥共享技术实现密钥的交换。对所设计的方案进行了能耗分析并与其他方案进行了对比。分析结果表明:本文方案可以有效降低密钥交换协议的能量消耗,适用于移动设备安全通信。     

传感器网络上群组密钥协商协议的设计与实现

针对无线传感网节点群组通信存在的安全问题,在无线传感器网络上设计并实现了基于椭圆曲线的固定轮数的群组密钥协商协议。从设计和实现的角度,首先,对椭圆曲线标量乘进行基于NAF表示法的窗口滑动技术优化;然后,分析群组密钥协商协议在传感器网络上存在的问题,提出了数据流驱动网络协议解决方案;最后,在国产无线传感器节点GAINST-CC2430上,首次使群组密钥协商协议在实际无线传感器网络上得到实现。     

一个动态的安全有效的群密钥协商协议

提出一个动态对等网中的2轮密钥协商协议,并证明此协议抗被动攻击,满足完全前向安全性和密钥独立性. 协议由ElGamal加密和签名算法组合而成,简单而且有效. 此外,协议基于广播信道,所以也适用于无线网络(尤其是ad hoc)中的群成员协商会话密钥.     

Authenticated Diffie-Hellman key agreement protocol with forward secrecy

Forward secrecy is an important security property in key agreement protocol. Based on Ham＇s protocol, in this paper a new authenticated Diffie-Hellman key agreement protocol with half forward secrecy is proposed. This protocol is also based on a single cryptographic assumption, and is user authentication and shared key authentication. More importantly, our protocol provides forward secrecy with respect to one of the parties. For this reason, besides the advantages of Ham＇s protocol, in practice, our protocol can reduce the damages resulted from the disclosure of the user＇s secret key and it is very beneficial to today＇s communication with portable devices.     

基于双线性对的域间认证与密钥协商协议

结合代理签名和签密方案的特点,以双线性对为工具,设计了一个域间电子商务的认证与密钥协商协议。该协议能够实现移动用户与服务提供商之间的双向认证和移动用户的匿名性,并且会话密钥保持了新鲜性,做到一次一密钥,保证了协议的公平性和实用性,能够克服重放攻击、拒绝服务攻击、中间人攻击和密钥泄漏假冒攻击。     

A new certificateless public key encryption scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.     

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.