Journal of Computer Applications ›› 2015, Vol. 35 ›› Issue (5): 1399-1405. DOI: 10.11772/j.issn.1001-9081.2015.05.1399

• Information Security •

Identity-based group key exchange protocol for unbalanced network environments

YUAN Simin1, MA Chuangui1, XIANG Shengqi2

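  1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001;
  2. School of Telecommunications Engineering, Xidian University, Xi'an 730073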
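  • Received: 2014-11-26 Revised: 2015-01-14 Online: 2015-05-10 Published: 2015-05-14
  • Corresponding author: YUAN Simin
  • About the authors: YUAN Simin (born 1990), female, from Xiaogan, Hubei, master's student, CCF member; main research interest: design and analysis of security protocols. MA Chuangui (born 1962), male, from Heze, Shandong, professor, doctoral supervisor, Ph.D., CCF member; main research interests: cryptographic protocols, wireless network communications. XIANG Shengqi (born 1987), male, from Wuwei, Gansu, master's student; main research interests: security protocols, security authentication for wireless networks.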
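  • Supported by:

    National Natural Science Foundation of China (61379150, 61309016); Natural Science Foundation of Henan Province (122102210426); Open Project of the Key Laboratory of Information Assurance Technology (KJ-13-02); Cryptography Development Fund of the 12th Five-Year Plan (MMJJ201201005).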

Identity-based group key exchange protocol for unbalanced network environment

YUAN Simin1, MA Chuangui1, XIANG Shengqi2   

  1. State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou Henan 450001, China;
  2. School of Telecommunications Engineering, Xidian University, Xi'an Shaanxi 730073, China
  • Received: 2014-11-26 Revised: 2015-01-14 Online: 2015-05-10 Published: 2015-05-14

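Abstract:

For unbalanced wireless network environments in which participants have uneven computing power, the security of the identity-based authenticated group key agreement (ID-AGKA) protocol is first analyzed, and it is shown that the protocol cannot resist the ephemeral key leakage attack. The way the protocol's signature is generated is then improved, so that the improved protocol not only gains in security but also effectively reduces computational cost and communication cost, and is therefore better suited to unbalanced wireless networks. At the same time, the protocol adopts a designated verifier signature, which effectively addresses the privacy problem of the signer. In addition, the dynamic mechanism of group key agreement protocols in unbalanced networks is improved: the high-energy node makes reasonable use of information computed before the change in user membership to reduce unnecessary computation by the low-energy nodes. This improvement greatly reduces the computational cost of the low-energy nodes and better matches practical needs. Finally, the security of the improved group key agreement (GKA) protocol is proved in the random oracle model under the Divisible Decisional Diffie-Hellman (DDDH) assumption.

Key words: unbalanced wireless network, group key agreement, ephemeral key leakage attack, designated verifier signature, dynamic mechanism, random oracle model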

Abstract:

For the unbalanced wireless network, whose participants have unbalanced computing power, the article analyzed the security of the IDentity-based Authenticated Group Key Agreement (ID-AGKA) protocol and pointed out that the protocol could not resist the ephemeral key leakage attack. The generation of the protocol's signature was then improved, so that security was improved and the computational cost and communication cost were reduced effectively, making the improved protocol more suitable for the unbalanced wireless network. Meanwhile, the protocol used a designated verifier signature, which could effectively solve the privacy problem of the signer. Moreover, the dynamic mechanism of the group key agreement protocol for unbalanced networks was improved: the powerful node makes full use of the information computed before users join or leave to reduce unnecessary computation by the low-power nodes. This improvement could greatly reduce the computational cost of the low-power nodes, making the new protocol conform better to actual needs. Finally, the security of the improved Group Key Agreement (GKA) protocol was proved in the random oracle model based on the Divisible Decisional Diffie-Hellman (DDDH) assumption.

Key words: unbalanced wireless network, group key agreement, ephemeral key leakage attack, designated verifier signature, dynamic mechanism, random oracle model
