ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2017, Vol. 54 ›› Issue (12): 2797-2804.doi: 10.7544/issn1000-1239.2017.20160791

• 信息安全 • 上一篇    下一篇

基于二叉树的非签名认证密钥协商协议

吴福生,张焕国   

  1. (武汉大学计算机学院 武汉 430072) (空天信息安全与可信计算教育部重点实验室(武汉大学) 武汉 430072) (liss@whu.edu.cn)
  • 出版日期: 2017-12-01
  • 基金资助: 
    国家自然科学基金重点项目(61332019);国家“九七三”重点基础研究发展计划基金项目(2014CB340601)

Key Agreement Protocols of Non-Signature Authentication Based on Binary Tree

Wu Fusheng, Zhang Huanguo   

  1. (School of Computer Science, Wuhan University, Wuhan 430072) (Key Laboratory of Aerospace Information Security and Trusted Computing(Wuhan University), Ministry of Education, Wuhan 430072)
  • Online: 2017-12-01

摘要: 协议是网络通信的规范,密码协议是信息安全的关键技术之一,安全的密码协议常常依赖于签名或消息认证技术.签名或消息认证给密钥协商协议通信带来大量计算,不利于计算能力有限设备的网络通信.设计具有计算量小又实用的安全协议是信息安全研究目标之一.故以整数乘法同态映射和二叉树为基础,提出一种新的密钥协商协议,并在开源的OpenSSL环境下实现新协议模拟实验,给出二叉树叶子结点数变化对网络通信影响的模拟实验和实验结果分析.新协议在随机预言模型下可证明安全,即在公钥加密方案中新协议满足选择明文攻击不可区分性的(IND-CPA)安全.新协议与经典的密钥协商协议相比(例如MTI,MQV,HMQV),计算量小、强安全假设少、无需额外的签名与消息认证,且可以在非安全通信信道上进行安全通信.

关键词: 协议, 密码学, 同态, 二叉树, 可证明安全

Abstract: Protocol is the specification of the network communication. Then cryptographic protocol, whose safety is based on signature or authentication technology, is one of the key techniques of information security. The technique of signature or authentication needs huge computation during communicating, which brings barriers for many communication devices because of their limited computing power. Therefore, it is an aim of studying information security to design a secure cryptographic protocol, which is practical but doesn't need huge computation. In this paper, a novel key agreement protocol is proposed, which is based on the binary tree and the homomorphic mapping of integer multiplication. Meanwhile, an experiment is carried out in an open source (OpenSSL) systems to test how nodes of leaf binary trees affect network communication and the result of the experiment is analyzed. Our scheme is successful because our key agreement protocol is proved to be safe in the random oracle model. That is to say, in the PKI system, our key agreement protocol meets the requirement of the indistinguishable chosen plaintext attack (IND-CPA ) security. Compared with previous protocols (like MTI, MQV, HMQV), our key agreement protocol has many advantages: the computation is small; only one strong security assumption is needed; it dispenses with extra authentication of MAC and digital signature; and communicating parties can authenticate implicitly through unsafe channels.

Key words: protocols, cryptography, homomorphism, binary tree, provably secure

中图分类号: