Journal of Computer Applications ›› 2012, Vol. 32 ›› Issue (02): 468-471. DOI: 10.3724/SP.J.1087.2012.00468

• Information Security •

Cryptanalysis and improvement of TAKASIP protocol

TANG Hong-bin, LIU Xin-song

  1. School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu Sichuan 610054, China
  • Received: 2011-08-15 Revised: 2011-10-03 Online: 2012-02-23 Published: 2012-02-01
  • Contact: TANG Hong-bin
  • About the authors: TANG Hong-bin (1973-), male, born in Hechi, Guangxi, Ph.D. candidate; main research interests: distributed systems, cryptographic protocols;
    LIU Xin-song (1940-), male, born in Shizhu, Chongqing, professor, Ph.D.; main research interests: digital organism operating systems, digital organism database systems, digital organism streaming media systems, digital organism traffic scheduling systems.

Abstract: The Session Initiation Protocol (SIP) provides authentication and session key agreement to secure subsequent sessions. In 2010, Yoon et al. (YOON E-J, YOO K-Y. A three-factor authenticated key agreement scheme for SIP on elliptic curves. NSS '10: 4th International Conference on Network and System Security. Piscataway: IEEE, 2010: 334-339.) proposed a new three-factor authenticated key agreement scheme for SIP named TAKASIP. However, TAKASIP cannot resist the insider attack, server-spoofing attack, off-line password guessing attack, identity impersonation attack, or lost-token attack, and it does not provide mutual authentication. To overcome these flaws, a new three-factor SIP authentication scheme named ETAKASIP, based on the Elliptic Curve Cryptosystem (ECC), is proposed on top of TAKASIP. ETAKASIP, which relies on the elliptic curve discrete logarithm problem and the elliptic curve cryptosystem, provides higher security than TAKASIP. It needs only 7 elliptic curve scalar multiplications, 1 elliptic curve addition, and at most 6 hash operations, and is therefore highly efficient.

Key words: cryptography, authentication protocol, Elliptic Curve Cryptosystem (ECC), key agreement, Session Initiation Protocol (SIP)
