ISSN 1000-1239 CN 11-1777/TP

Identity-Based Authenticated Key Agreement Protocols in the Standard Model

Ren Yongjun, Wang Jiandong, Wang Jian, Xu Dazhuan, and Zhuang Yi

  1. (College of Information Science and Technology, Nanjing University of Aeronautics and Astronautics, Nanjing 210016) (renyj100@126.com)
  • Published: 2010-09-15
  • Online: 2010-09-15

Abstract: Interest has grown rapidly in recent years in efficient cryptographic protocols that carry security proofs in the standard model. Avoiding the random oracle model is preferable, given the known problems with instantiating it in practice. However, among the existing identity-based authenticated key agreement protocols in the standard model, some are built on identity-based encryption schemes that have not been proven secure, so the security of the resulting protocols cannot be guaranteed; the others have been proven secure only in relatively weak models that do not fully support the session-state reveal or ephemeral-key reveal query, which leads to protocols with poor security. In this paper, the idea of the MTI protocol family is adopted to devise a new two-party identity-based authenticated key agreement protocol, IBAKA, in the standard model, based on the truncated decisional augmented bilinear Diffie-Hellman exponent (q-ABDHE) and decisional bilinear Diffie-Hellman (BDH) assumptions. A formal proof shows that the proposed scheme is provably secure in the enhanced Canetti-Krawczyk (eCK) model, which better supports the adversary's queries. To the best of our knowledge, this is the first identity-based authenticated key agreement protocol proven secure in the eCK model and the standard model. Moreover, the proposed protocol outperforms all known protocols in the standard model in computational and communication efficiency.

Key words: identity-based cryptography, key agreement, provable security, bilinear pairings, standard model