移动网络可信匿名认证协议

doi:10.11772/j.issn.1001-9081.2016.08.2231

计算机应用 ›› 2016, Vol. 36 ›› Issue (8): 2231-2235.DOI: 10.11772/j.issn.1001-9081.2016.08.2231

移动网络可信匿名认证协议

张鑫¹, 杨晓元^1,2, 朱率率¹

1. 武警工程大学电子技术系, 西安 710086;
2. 武警工程大学信息安全研究所, 西安 710086

收稿日期:2016-01-27 修回日期:2016-03-17 出版日期:2016-08-10 发布日期:2016-08-10
通讯作者: 张鑫
作者简介:张鑫(1991-),男,安徽合肥人,硕士研究生,主要研究方向:信息安全、可信计算、可信网络连接;杨晓元(1959-),男,湖南湘潭人,教授,硕士,主要研究方向:信息安全、密码学;朱率率(1985-),男,山东淄博人,讲师,硕士,主要研究方向:信息安全、可信计算、密码学。
基金资助:
国家自然科学基金资助项目（61402530）；武警工程大学基础研究基金资助项目（WJY201520）。

Trusted and anonymous authentication protocol for mobile networks

ZHANG Xin¹, YANG Xiaoyuan^1,2, ZHU Shuaishuai¹

1. Department of Electronic Technology, Engineering University of Armed Police Force, Xi'an Shaanxi 710086, China;
2. Institute of Information Security, Engineering University of Armed Police Force, Xi'an Shaanxi 710086, China

Received:2016-01-27 Revised:2016-03-17 Online:2016-08-10 Published:2016-08-10
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61272492, 61572521), the Natural Science Foundation of Shaanxi Province (2014JM8300), the Basic Research Program of Engineering University of Chinese People's Armed Police (WJY201422, WJY201523).

摘要/Abstract

摘要： 针对终端接入移动网络缺乏可信性验证问题，提出一种移动网络可信匿名认证协议，移动终端在接入网络时进行身份验证和平台完整性认证。在可信网络连接架构下，给出了可信漫游认证和可信切换认证的具体步骤，在认证时利用移动终端中预存的假名和对应公私钥对实现了用户匿名隐私的保护。安全性分析表明，协议满足双向认证、强用户匿名性、不可追踪性和有条件隐私保护。协议中首次漫游认证需要2轮交互，切换认证需1轮即可完成，消息交换轮数和终端计算代价优于同类可信认证协议。

关键词: 可信计算, 可信网络连接, 移动网络, 漫游认证, 可信认证

Abstract: The lackness of trusted verification of mobile terminal may affect the security of mobile network. A trusted anonymous authentication protocol for mobile networks was proposed, in which both user identity and platform integrity were authenticated when the mobile terminal accesses the networks. On the basis of trusted network connection architecture, the concrete steps of trusted roaming authentication and trusted handover authentication were described in detail. The authentication used pseudonyms and the corresponding public/private keys to achieve the protection of the user anonymous privacy. The security analysis indicates that the proposed protocol meets mutual authentication, strong user anonymity, untraceability and conditional privacy preservation; moreover, the implementation of the first roaming authentication requires two rounds of communications while the handover authentication protocol just needs one round. The analytic comparisons show that the proposed protocol is efficient in terminal computation and turns of message exchange.

Key words: trusted computing, trusted network connection, mobile network, roaming authentication, trusted authentication

中图分类号:

TP309.7

张鑫, 杨晓元, 朱率率. 移动网络可信匿名认证协议[J]. 计算机应用, 2016, 36(8): 2231-2235.

ZHANG Xin, YANG Xiaoyuan, ZHU Shuaishuai. Trusted and anonymous authentication protocol for mobile networks[J]. Journal of Computer Applications, 2016, 36(8): 2231-2235.

参考文献

[1] Trust Computing Group.TPM main part 1:design principles specification,version 1.2 revision 62[S].Geneva:International Organization for Standardization (IOS),2009.
[2] Trust Computing Group.TCG trusted network connect architecture for interoperability specification version 1.4[EB/OL].(2009-05-18)[20015-11-18].http://www.trustedcomputinggroup.org.
[3] Trust Computing Group.Architect's guide:mobile security using TNC technology[EB/OL].(2011-12-29)[2015-10-18].http://www.trustedcomputinggroup.org/developers/mobile.
[4] 马卓,马建峰,李兴华,等.可证明安全的可信网络连接协议模型[J].计算机学报,2011,34(9):1669-1678.(MA Z,MA J F,LI X H,et al.Provable security model for trusted network connect protocol[J].Chinese Journal of Computers,2011,34(9):1669-1678.)
[5] 吴振强,周彦伟,乔子芮.移动互联网下可信移动平台接入机制[J].通信学报,2011,31(10):158-169.(WU Z Q,ZHOU Y W,QIAO Z R.Access mechanism of TMP under mobile network[J].Journal on Communications,2011,31(10):158-169.)
[6] 马卓,张俊伟,马建峰,等.可证明安全的无双线性对无证书可信接入认证协议[J].计算机研究与发展,2014,51(2):325-333.(MA Z,ZHANG J W,MA J F,et al.Provably secure certificateless trusted access protocol for WLAN without pairing[J].Journal of Computer Research and Development,2014,51(2):325-333.)
[7] 杨力,马建峰,朱建明.可信的匿名无线认证协议[J].通信学报,2009,30(9):29-35.(YANG L,MA J F,ZHU J M.Trusted and anonymous authentication scheme for wireless networks[J].Journal on Communications,2009,30(9):29-35.)
[8] 周彦伟,杨波,张文政.可证安全的移动互联网可信匿名漫游协议[J].计算机学报,2015,38(4):733-748.(ZHOU Y W,YANG B,ZHANG W Z.Provable secure trusted and anonymous roaming protocol for mobile Internet[J].Chinese Journal of Computers,2015,38(4):733-748.)
[9] RAYA M,HUBAUX J-P.Securing vehicular Ad Hoc networks[J].Journal of Computer Security-Special Issue on Security of Ad-hoc and Sensor Networks,2007,15(1):39-68.
[10] 侯惠芳,季新生,刘光强.异构无线网络中基于标识的匿名认证协议[J].通信学报,2011,32(5):153-161.(HOU H F,JI X S,LIU G Q.Identity-based anonymity authentication protocol in the heterogeneous wireless network[J].Journal on Communications,2011,32(5):153-161.)
[11] 侯惠芳,刘光强,季新生,等.基于公钥的可证明安全的异构无线网络认证方案[J].电子与信息学报,2009,31(10):2385-2391.(HOU H F,LIU G Q,JI X S,et al.Provable security authentication scheme based on public key for heterogeneous wireless network[J].Journal of Electronics&Information Technology,2009,31(10):2385-2391.4)
[12] YANG G,HUANG Q,WONG D S,et al.Universal authentication protocols for anonymous wireless communications[J].IEEE Transactions on Wireless Communications,2010,9(1):168-174.

[1]	肖跃雷, 邓小凡. 基于证书的有线局域网安全关联方案改进与分析[J]. 计算机应用, 2021, 41(7): 1970-1976.
[2]	张学旺, 殷梓杰, 冯家琦, 叶财金, 付康. 基于区块链与可信计算的数据交易方案[J]. 计算机应用, 2021, 41(4): 939-944.
[3]	王志恒, 徐彦彦. 基于TrustZone的移动云环境指纹认证终端APP的设计和实现[J]. 计算机应用, 2020, 40(11): 3255-3260.
[4]	齐能, 谭良. 具有瀑布特征的可信虚拟平台信任链模型[J]. 计算机应用, 2018, 38(2): 327-336.
[5]	徐明迪, 高杨, 高雪原, 张帆. 满足对应性属性的平台配置证明[J]. 计算机应用, 2018, 38(2): 337-342.
[6]	肖跃雷, 武君胜, 朱志祥. 基于预共享密钥的LAN安全关联方案改进与分析[J]. 计算机应用, 2018, 38(11): 3246-3251.
[7]	孙亮, 陈小春, 郑树剑, 刘赢. 基于固件的终端位置管理系统研究与应用[J]. 计算机应用, 2017, 37(2): 417-421.
[8]	张鑫, 杨晓元, 朱率率, 杨海滨. 物联网环境下移动节点可信接入认证协议[J]. 计算机应用, 2016, 36(11): 3108-3112.
[9]	翁晓康张平王炜朱毅. 基于非平衡哈希树的平台完整性远程验证机制[J]. 计算机应用, 2014, 34(2): 433-437.
[10]	何龙彭新光. 基于双线性对签密的安全高效远程证明协议[J]. 计算机应用, 2013, 33(10): 2854-2857.
[11]	刘涛熊焰黄文超陆琦玮龚旭东. 无线传感器网络中基于节点行为和身份的可信认证[J]. 计算机应用, 2013, 33(07): 1842-1845.
[12]	朱贺新王正鹏刘业辉方水平. 基于统一可扩展固件接口的可信密码模块驱动研究与设计[J]. 计算机应用, 2013, 33(06): 1646-1649.
[13]	邵婧陈性元杜学绘曹利峰. 基于无干扰理论的分布式多级安全核心架构[J]. 计算机应用, 2013, 33(03): 712-716.
[14]	姚建华吴加敏牛温佳童恩栋. 基于可信QoS聚类的遥感服务发现机制[J]. 计算机应用, 2013, 33(02): 587-591.
[15]	莫家庆胡忠望叶雪琳. 基于模糊理论的可信计算信任评估方法研究[J]. 计算机应用, 2013, 33(01): 142-145.

移动网络可信匿名认证协议

Trusted and anonymous authentication protocol for mobile networks

PDF

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 15

编辑推荐

Metrics