云计算下基于无证书的跨域认证密钥交换协议
Cross-Domain Authentication Key Exchange Protocol Based on Certificateless in Cloud Computing Environment
DOI: 10.12677/CSA.2018.85067, PDF,  被引量    国家自然科学基金支持
作者: 张兴兰, 黎丁玲*:北京工业大学信息学部,北京
关键词: 云计算无证书跨域认证密钥交换eCK模型Cloud Computing Certificateless Cross-Domain Authentication Key Exchange ECK Model
摘要: 基于椭圆曲线上的离散对数难题和双线性对运算,提出了一个云计算中基于无证书的跨域认证密钥交换协议,并且在eCK (extended Canetti-Krawczyk)模型下证明所提出协议的安全性。该协议满足了不同云之间的认证,一个云中用户的私钥由用户自己生成的秘密值和该云中的认证服务器生成的部分私钥两部分组成,充分保证了用户私钥的安全。用户身份认证的计算交由云认证服务器完成,用户认证和密钥协商经由一次交互完成,提高了协议执行效率。
Abstract: Based on the discrete logarithm problem and bilinear pairings on the elliptic curve, this paper proposed a certificateless cross-domain authentication key exchange protocol in cloud computing environment and was proved secure in extended eCK model. The protocol satisfied the authentication between the different clouds and the user’s private key in a cloud consisted of a secret value selected by the user and a partial private key generated by the authentication server in the cloud. It’s fully guaranteed the security of the user’s private key. The calculation in user identity authentication finished by the cloud authentication server and user authentication and key agreement were completed in an interaction. It has improved the execution efficiency of the agreement.
文章引用:张兴兰, 黎丁玲. 云计算下基于无证书的跨域认证密钥交换协议[J]. 计算机科学与应用, 2018, 8(5): 591-600. https://doi.org/10.12677/CSA.2018.85067

参考文献

[1] Buyya, R., Yeo, C.S. and Venugopal, S. (2008) Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Ser-vices as Computing Utilities. IEEE International Conference on High PERFORMANCE Computing and Communications, 10-1016.
[2] 吴吉义, 傅建庆, 平玲娣, 谢琪. 一种对等结构的云存储系统研究[J]. 电子学报, 2011, 39(5): 1100-1107.
[3] 房晶, 吴昊, 白松林. 云计算安全研究综述[J]. 电信科学, 2011, 27(4): 37-42.
[4] 段志强. 混合云安全策略研究[J]. 计算机安全, 2014(8): 33-37.
[5] 张建晓. 身份认证技术及其发展趋势[J]. 信息通信, 2015(2): 125-126.
[6] 李文敏. 认证密钥协商协议的设计与应用[D]: [博士学位论文]. 北京: 北京邮电大学, 2012.
[7] 李小标. 跨域认证关键技术研究[D]: [博士学位论文]. 北京: 北京邮电大学, 2011.
[8] Xu, C. and He, J. (2015) A Cross-Domain Authentication Method for Cloud Computing. Interna-tional Journal of Security & Its Applications, 9, 285-292. [Google Scholar] [CrossRef
[9] Castiglione, A., Palmieri, F., Chen, C.L., et al. (2016) A Blind Signature-Based Approach for Cross-Domain Authentication in the Cloud Environment. Interna-tional Journal of Data Warehousing & Mining, 12, 34-48. [Google Scholar] [CrossRef
[10] 解福. 云计算环境中认证与密钥协商关键技术研究[D]: [博士学位论文]. 济南: 山东师范大学, 2014.
[11] Al-Riyami, S.S. and Paterson, K.G. (2003) Certificateless Public Key Cryptography. In: Advances in Cryptology-ASIACRYPT 2003, Springer, Berlin, Heidelberg, 452-473.
[12] 田静. eCK模型下认证密钥交换协议及其证明[D]: [硕士学位论文]. 沈阳: 东北大学, 2011.
[13] 翁江. 椭圆曲线密码中双线性对与离散对数问题研究[D]: [硕士学位论文]. 郑州: 解放军信息工程大学, 2012.
[14] 李贵莹. 基于无证书的两方认证密钥协商协议的研究与分析[D]: [硕士学位论文]. 济南: 山东大学, 2014.
[15] Lippold, G., Boyd, C. and Nieto, J.G. (2009) Strongly Secure Certificateless Key Agreement. In: Pairing-Based Cryptography—Pairing 2009, Springer, Berlin, Heidelberg, 206-230.
[16] 周彦伟, 杨波, 张文政. 一种改进的无证书两方认证密钥协商协议[J]. 计算机学报, 2017, 40(5): 1181-1191.
[17] 苏航, 刘建伟, 陶芮. 无证书的层次认证密钥协商协议[J]. 通信学报, 2016, 37(7): 161-171.
[18] He, D., Padhye, S. and Chen, J. (2012) An Efficient Certificateless Two-Party Authenticated Key Agreement Protocol. Computers and Mathematics with Applications, 64, 1914-1926. [Google Scholar] [CrossRef