1. School of Telecommunications Engineering, Xidian University, Xi'an 710071, Shaanxi, China
2. Department of Electronic and Communication Engineering, Beijing Electronic Science and Technology Institute, Beijing 100070, China
YANG Yatao (1978– ), male, born in Pingdingshan, Henan; Ph.D., associate professor and master's supervisor at Beijing Electronic Science and Technology Institute; main research interests: cryptography and information security.
HAN Xinguang (1994– ), male, born in Xianyang, Shaanxi; master's student at Xidian University; main research interests: lattice theory and information security.
HUANG Jierun (1995– ), female, born in Nantong, Jiangsu; master's student at Beijing Electronic Science and Technology Institute; main research interests: lattice-based cryptography and information security.
ZHAO Yang (1995– ), male, born in Rizhao, Shandong; master's student at Beijing Electronic Science and Technology Institute; main research interests: cryptography and information security.
Online publication date: 2019-11
Print publication date: 2019-11-25
Yatao YANG, Xinguang HAN, Jierun HUANG, et al. Bidirectional authentication key agreement protocol supporting identity's privacy preservation based on RLWE[J]. Journal on Communications, 2019, 40(11): 180-186. DOI: 10.11959/j.issn.1000-436x.2019218.
To address the problem of protecting the identity privacy of the two communicating parties while running an authenticated key exchange protocol, a quantum-resistant bidirectional authenticated key agreement protocol based on a C-type commitment scheme is proposed. The protocol hides the real identities of both participants with a C-type commitment function and, relying on the hardness of the RLWE problem, completes mutual identity authentication in two rounds of message exchange while keeping the identities anonymous, guarantees the integrity of the transmitted messages, and negotiates a shared session key. Analysis shows that, in terms of execution efficiency, anonymous mutual authentication and key agreement require only two rounds of message transmission, and the public key is nearly 50% shorter than in the protocol of Ding et al.; in terms of security, the protocol resists forgery, replay, key-copy and man-in-the-middle attacks. The protocol is provably secure in the eCK model and, because it rests on the RLWE problem over lattices, resists quantum computing attacks.
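The abstract describes the protocol only through its building blocks: a two-message RLWE exchange that reconciles to a shared key, and a commitment that keeps each party's identity out of the transcript until a key exists. The Python sketch below is an added example written for this page, not the authors' protocol or code. It substitutes a plain SHA-256 hash commitment for the paper's C-type commitment, uses toy parameters (N = 256, Q = 12289, uniform ternary secrets and errors) chosen only so that reconciliation is guaranteed rather than for security, applies a Ding-style signal/Mod2 reconciliation, and binds both commitments and the hint into the session key before the commitments are opened under that key. The paper's long-term-key authentication step and its eCK argument are not reproduced; every name and parameter here is an assumption.

```python
import hashlib
import hmac
import secrets

# Toy parameters chosen for this example (not the paper's): R_q = Z_q[x]/(x^N + 1).
# With ternary secrets and errors every coefficient of k_A - k_B is an even number of
# magnitude at most 2*(2N + 2) = 1028 < Q/4, which is exactly what the reconciliation needs.
N = 256
Q = 12289
R_LEN = 16                      # commitment randomness length, fixed so openings parse unambiguously
RNG = secrets.SystemRandom()


def sample_small():
    """Uniform ternary polynomial in {-1, 0, 1}^N (toy noise distribution, an assumption)."""
    return [RNG.randrange(-1, 2) for _ in range(N)]

def sample_uniform():
    """Uniform element of R_q, used as the public ring element a."""
    return [RNG.randrange(Q) for _ in range(N)]

def poly_mul(a, b):
    """Negacyclic product a*b mod (x^N + 1), coefficients mod Q (schoolbook; fine for a demo)."""
    acc = [0] * (2 * N)
    for i, ai in enumerate(a):
        if ai:
            for j, bj in enumerate(b):
                acc[i + j] += ai * bj
    return [(acc[i] - acc[i + N]) % Q for i in range(N)]

def poly_add(a, b, scale_b=1):
    """a + scale_b*b with coefficients mod Q."""
    return [(x + scale_b * y) % Q for x, y in zip(a, b)]

def center(v):
    """Representative of v mod Q in [-(Q-1)/2, (Q-1)/2]."""
    v %= Q
    return v - Q if v > Q // 2 else v

def signal(k):
    """Ding-style hint per coefficient: 0 if it lies in [-Q/4, Q/4], else 1."""
    return [0 if -(Q // 4) <= center(c) <= Q // 4 else 1 for c in k]

def reconcile(k, w):
    """Mod2 extractor: shift hinted coefficients by (Q-1)/2 toward zero, then take the parity."""
    return bytes(center(c + wi * ((Q - 1) // 2)) % 2 for c, wi in zip(k, w))

def commit(identity, r):
    """Hash commitment standing in for the paper's C-type commitment (an assumption here)."""
    return hashlib.sha256(b"commit" + r + identity).digest()

def derive_key(raw_bits, com_a, com_b, w):
    """Session key bound to both commitments and the hint: a tampered transcript yields a different key."""
    return hashlib.sha256(raw_bits + com_a + com_b + bytes(w)).digest()

def seal(key, msg):
    """XOF one-time pad plus HMAC, so a party can open its commitment only to the key holder."""
    pad = hashlib.shake_256(key + b"enc").digest(len(msg))
    ct = bytes(m ^ p for m, p in zip(msg, pad))
    return ct, hmac.new(key, ct, "sha256").digest()

def unseal(key, ct, tag):
    if not hmac.compare_digest(hmac.new(key, ct, "sha256").digest(), tag):
        raise ValueError("bad tag")
    pad = hashlib.shake_256(key + b"enc").digest(len(ct))
    return bytes(c ^ p for c, p in zip(ct, pad))

def run_exchange(id_a=b"alice", id_b=b"bob"):
    """Two-message exchange; returns (key_A, key_B, id_A as learned by B, id_B as learned by A)."""
    a = sample_uniform()                                     # public ring element
    # Round 1, A -> B: p_A = a*s_A + 2e_A and com_A; id_A itself never goes on the wire.
    s_a, e_a, r_a = sample_small(), sample_small(), secrets.token_bytes(R_LEN)
    p_a = poly_add(poly_mul(a, s_a), e_a, 2)
    com_a = commit(id_a, r_a)
    # Round 2, B -> A: p_B = a*s_B + 2e_B, the hint w computed from k_B, and com_B.
    s_b, e_b, r_b = sample_small(), sample_small(), secrets.token_bytes(R_LEN)
    p_b = poly_add(poly_mul(a, s_b), e_b, 2)
    k_b = poly_add(poly_mul(p_a, s_b), sample_small(), 2)    # k_B = p_A*s_B + 2e'_B
    w = signal(k_b)
    com_b = commit(id_b, r_b)
    key_b = derive_key(reconcile(k_b, w), com_a, com_b, w)
    # A's view: k_A = p_B*s_A + 2e'_A differs from k_B by a small even value, so parities agree.
    k_a = poly_add(poly_mul(p_b, s_a), sample_small(), 2)
    key_a = derive_key(reconcile(k_a, w), com_a, com_b, w)
    # Only now are the commitments opened, sealed under the agreed key.
    opened_a = unseal(key_b, *seal(key_a, id_a + r_a))
    opened_b = unseal(key_a, *seal(key_b, id_b + r_b))
    id_a_seen, id_b_seen = opened_a[:-R_LEN], opened_b[:-R_LEN]
    if commit(id_a_seen, opened_a[-R_LEN:]) != com_a or commit(id_b_seen, opened_b[-R_LEN:]) != com_b:
        raise ValueError("commitment opening does not match")
    return key_a, key_b, id_a_seen, id_b_seen

if __name__ == "__main__":
    ka, kb, ia, ib = run_exchange()
    print("keys agree:", ka == kb, "| B learned", ia, "| A learned", ib)
```

The hint is what makes the exchange deterministic: a coefficient of k_B near ±(Q-1)/2 would otherwise wrap around on one side and flip its parity, and the shift by (Q-1)/2 moves every flagged coefficient into the safe band before the parity is read. Binding com_A and com_B into the key derivation is the cheap way to make a man-in-the-middle who swaps a commitment end up with a key that matches neither party; the paper's actual authentication of the parties is a separate mechanism that the abstract does not spell out and this sketch does not implement.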
DODIS Y, MIRONOV I, STEPHENS-DAVIDOWITZ N. Message transmission with reverse firewalls: secure communication on corrupted machines[C]// Annual Cryptology Conference (CRYPTO 2016). Springer, 2016: 341-372.
DIFFIE W, HELLMAN M E. New directions in cryptography[J]. IEEE Transactions on Information Theory, 1976, 22(6): 644-654.
LI L H, LIN L C, HWANG M S. A remote password authentication scheme for multiserver architecture using neural networks[J]. IEEE Transactions on Neural Networks, 2001, 12(6): 1498-1504.
LIU C, LIN C, HARN L, et al. Security analysis of remote password authentication schemes for multiserver architecture using neural networks[J]. Journal of Computational & Theoretical Nanoscience, 2012, 7(1): 680-683.
TSAUR W J, WU C C, LEE W B. A smart card-based remote scheme for password authentication in multi-server Internet services[J]. Computer Standards & Interfaces, 2004, 27(1): 39-51.
JUANG W S. Efficient multi-server password authenticated key agreement using smart cards[J]. IEEE Transactions on Consumer Electronics, 2004, 50(1): 251-255.
CHANG C C, LEE J S. An efficient and secure multi-server password authentication scheme using smart cards[C]// International Conference on Cyberworlds. 2004: 417-422.
REGEV O. On lattices, learning with errors, random linear codes, and cryptography[J]. Journal of the ACM, 2009, 56(6): 1-40.
LIAO Y P, WANG S S. A secure dynamic ID based remote user authentication scheme for multi-server environment[J]. Computer Standards & Interfaces, 2009, 31(1): 24-29.
WU T Y, TSENG Y M. An efficient user authentication and key exchange protocol for mobile client-server environment[J]. Computer Networks, 2010, 54(9): 1520-1530.
YOON E J, YOO K Y. A new efficient ID-based user authentication and key exchange protocol for mobile client-server environment[C]// IEEE International Conference on Wireless Information Technology & Systems. IEEE, 2010: 1-4.
LYUBASHEVSKY V, PEIKERT C, REGEV O. On ideal lattices and learning with errors over rings[C]// International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2010). Springer, 2010: 1-23.
HE D B, CHEN J H, HU J. An ID-based client authentication with key agreement protocol for mobile client-server environment on ECC with provable security[J]. Information Fusion, 2012, 13(3): 223-230.
ISLAM S H, BISWAS G P. Comments on ID-based client authentication with key agreement protocol on ECC for mobile client-server environment[C]// International Conference on Advances in Computing and Communications. Springer, 2011: 628-635.
HAO F, RYAN P. J-PAKE: authenticated key exchange without PKI[J]. Transactions on Computational Science, 2010, 6480: 192-206.
ZHANG J, ZHANG Z, DING J, et al. Authenticated key exchange from ideal lattices[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques (EUROCRYPT 2015). Berlin Heidelberg: Springer, 2015: 719-751.
YAO Q Z, ZHAO Y L. An efficient and privacy-preserving session key agreement method: CN105162585A[P]. 2015-12-16 [2019-01-28].
ZHAO Y L, LI J Q. An identity-hiding and non-malleably secure authenticated key agreement method: CN105099671A[P]. 2015-11-25 [2019-01-28].
STEBILA D, MOSCA M. Post-quantum key exchange for the Internet and the Open Quantum Safe project[C]// International Conference on Selected Areas in Cryptography (SAC 2016). Berlin Heidelberg: Springer, 2016: 14-37.
LI W M, WEN Q Y, ZHANG H. Verifier-based password-authenticated key exchange protocol for three-party[J]. Journal on Communications, 2008, 29(10): 149-152.
TSENG Y M, HUANG S S, YOU M L. Strongly secure ID-based authenticated key agreement protocol for mobile multiserver environments[J]. International Journal of Communication Systems, 2016, 30(11): 1-13.
WU F, XU L L, LI X. A new chaotic map-based authentication and key agreement scheme with user anonymity for multi-server environment[C]// International Conference on Frontier Computing. Springer, 2018: 335-344.
SHARMA G, SAHU R A, KUCHTA V, et al. Authenticated group key agreement protocol without pairing[C]// International Conference on Information and Communications Security. Springer, 2018: 606-618.
JHENG Y S, TSO R, CHEN C M, et al. Password-based authenticated key exchange from lattices for client/server model[C]// International Conference on Ubiquitous Information Technologies and Applications. Springer, 2017: 315-319.
ZHANG Z Y. Non-malleable commitments and non-malleable zero-knowledge[D]. Shanghai: Shanghai Jiao Tong University, 2012.
MICCIANCIO D, REGEV O. Worst-case to average-case reductions based on Gaussian measures[C]// 45th Annual IEEE Symposium on Foundations of Computer Science. IEEE Computer Society, 2004: 372-381.
KATZ J, VAIKUNTANATHAN V. Smooth projective hashing and password-based authenticated key exchange from lattices[C]// 15th International Conference on the Theory and Application of Cryptology and Information Security (ASIACRYPT 2009). Springer, 2009: 636-652.
DING J, ALSAYIGH S, LANCRENON J, et al. Provably secure password authenticated key exchange based on RLWE for the post-quantum world[C]// RSA Conference Cryptographers' Track (CT-RSA 2017). Springer, 2017: 183-204.
YANG X Y, HOU M B, WEI X C. Verifier-based three-party password authenticated key exchange protocol[J]. Journal of Computer Research & Development, 2016, 53(10): 2230-2238.
WANG C F, CHEN L. Three-party password authenticated key agreement protocol with user anonymity based on lattice[J]. Journal on Communications, 2018, 39(2): 21-30.