ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展

• 信息安全 • 上一篇    下一篇

可证明安全的无双线性对无证书可信接入认证协议

马 卓 张俊伟 马建峰 姬文江   

  1. (西安电子科技大学计算机学院 西安 710071) (mazhuo@mail.xidian.edu.cn)
  • 出版日期: 2014-02-15

Provably Secure Certificateless Trusted Access Protocol for WLAN Without Pairing

Ma Zhuo, Zhang Junwei, Ma Jianfeng, and Ji Wenjiang   

  1. (School of Computer Science and Technology, Xidian University, Xi’an 710071)
  • Online: 2014-02-15

摘要: 提出一种无双线性对无证书的WLAN可信接入认证协议CTAPwoP.该协议以可信网络连接架构的基本思想为基础,将平台身份认证和平台完整性校验与用户身份认证过程巧妙结合,使得新协议仅需3轮交互就能实现站点(station, STA)与接入点(access point, AP)之间的双向身份认证和单播会话密钥的协商,同时实现AS对STA的平台身份认证和平台完整性校验.为进一步提高性能,该协议利用椭圆曲线上的点乘运算替换了传统无证书公钥密码体制中复杂的双线性对运算.安全性分析表明,该协议在高安全强度的eCK(extended Canetti-Krawczyk)模型下是安全的;性能分析表明:与IEEE 80211i的接入认证方案相比,该协议在计算开销和通信负载方面性能优势明显.

关键词: 无证书公钥, 无线局域网, 可信网络连接, 认证协议, extended Canetti-Krawczyk模型

Abstract: A pairing-free certificateless trusted access protocol for WLAN is proposed based on the certificateless public key cryptography and the trusted computing technologies. This protocol does not require the use of certificates and yet does not have the inherent key escrow feature of identity-based public key cryptography (ID-PKC). Taking the efficiency of this protocol into consideration, the following strategies are adopted in our protocol design. The platform authentication and integrity verification of station (STA) to authentication server (AS) are achieved during the authentication procedure. In addition, the explicit key agreement between STA and access point (AP) is adopted without 4-way handshake. Therefore, the mutual authentication and unicast session key agreement between STA and AP as well as the platform trusted verification are realized within 3 protocol rounds. In particular, the point multiplication on the elliptic curve is used instead of bilinear which causes significant computation overhead in the traditional certificateless public key cryptography. The security properties of the new protocol are examined using a very strong security model—the extended Canetti-Krawczyk (eCK) model, and the results show that the protocol is secure on the assumption that the Gap Diffie-Hellman problem is a difficult problem. The analytic comparisons show that the new protocol is very efficient in both computing and communication costs.

Key words: certificateless public key cryptography, WLAN, trusted network connect, authentication protocol, eCK (extended Canetti-Krawczyk) model