资源限制信任协商

提出了资源限制信任协商方法.陌生的双方在建立信任关系时,仅仅交换一次信任书,随后多次交换对称密钥,直到协商完成或者失败.在资源限制信任协商过程中,用Hash函数验证信任书中的属性,用对称密码保护敏感属性.敏感属性是在自己的控制下逐步显示给对方的.资源限制信任协商避免了传统信任协商中双方多次交换信任书,以及多次验证信任书和策略的一致性检验所带来的大量公钥密码操作负担.同时也避免了传统信任协商中双方必须存储多个信任书的问题.因此资源限制信任协商比较适合在计算能力有限的移动设备之间建立信任关系.由于双方交互的信任书是保密的,因此资源限制信任协商能防止传统信任协商存在的中间人攻击问题.

Resource-constrained trust negotiation

A resource constrained trust negotiation(RCTN) was proposed.When a trust was established between strangers,their credentials were exchanged only once,and two parties exchanged the secret keys iteratively until the trust negotiation succeeded or failed.In resource-constrained trust negotiation,the attributes in the credentials were verified by one-way function,and the sensitive attributes,which were disclosed to other party in control of each party,were protected by symmetric secret keys.RCTN could avoid the heavy computational demands the public keys cryptography operations which the need of traditional trust negotiation to exchange,verified the credentials and check policy compliance time after time.And also RCTN needed less memory space to save the credentials than those of traditional trust negotiation.RCTN is well-suited for resource-limited devices to establish the trust relationship.The exchanging the credentials between two parties were encrypted by session keys,RCTN could prevent the vulnerability of man-in-the-middle attacks.