本文關鍵詞： 安全協(xié)議 認證 密鑰協(xié)商 多服務器環(huán)境 無線傳感網(wǎng) 橢圓曲線密碼機制 BAN類邏輯　出處：《解放軍信息工程大學》2014年碩士論文　論文類型：學位論文

【摘要】：隨著互聯(lián)網(wǎng)技術的快速發(fā)展與應用,網(wǎng)絡信息系統(tǒng)的安全保障問題倍受人們的關注和重視。而作為信息安全保障最有效的手段之一,認證密鑰協(xié)商協(xié)議能通過一系列的信息交互,實現(xiàn)網(wǎng)絡中各實體間的相互認證,同時經(jīng)會話密鑰協(xié)商建立起一個安全通道,進而實現(xiàn)傳輸數(shù)據(jù)的各種安全需求。但隨著網(wǎng)絡信息化高速發(fā)展和應用場景的不斷擴展,不同的應用背景必須配置不同的認證密鑰協(xié)商協(xié)議。因此,如何針對不同的應用環(huán)境設計相應的認證密鑰協(xié)商協(xié)議具有重要的理論價值和應用意義。本文針對不同應用環(huán)境下的認證密鑰協(xié)商協(xié)議進行研究,取得以下成果:1.研究了單服務器認證密鑰協(xié)商協(xié)議。當前,大多數(shù)基于智能卡口令的單服務器認證協(xié)議都存在一定安全缺陷,為克服這些缺陷,本文設計了一個具有高安全特性的單服務器認證協(xié)議,同時具有較高的效率,更適用于實際環(huán)境;分析了一個適用于云計算的單服務器認證協(xié)議,指出其存在的不足,為克服這些不足,引入橢圓曲線公鑰密碼技術,給出一個新協(xié)議,并進行安全和效率分析,分析結果表明,新協(xié)議在安全性上高于其他協(xié)議,并保持了相對較高的效率。最后用SPALL方法證明了協(xié)議的安全性。2.研究了多服務器認證密鑰協(xié)商協(xié)議�；贓CDHP難題和ECDLP難題,引入對稱加密算法、電子票據(jù)和生物特征碼(Biometrics)匹配,設計了一個基于動態(tài)ID的多服務器認證密鑰協(xié)商協(xié)議。安全和效率分析表明,本協(xié)議在提高安全性的同時,保持了較高的效率,更適用于安全需求較高的資源受限環(huán)境。最后,用SPALL方法證明了協(xié)議的強認證性、密鑰協(xié)商正確性和密鑰的機密性、新鮮性。3.研究了無線傳感網(wǎng)認證密鑰協(xié)商協(xié)議。分析了Yuan提出的加強的雙因子認證協(xié)議,指出其不能抵抗離線口令猜測攻擊、匹配泄露攻擊和網(wǎng)關節(jié)點冒充攻擊,且未能實現(xiàn)會話密鑰協(xié)商等。為克服以上缺陷,設計了一個新協(xié)議,并進行安全和效率分析。結果顯示,新協(xié)議彌補了原協(xié)議的不足,且保持了較高的效率,更適用于實際環(huán)境。最后,用SPALL方法證明了新協(xié)議滿足密鑰協(xié)商正確性、密鑰機密性、外部用戶與網(wǎng)關節(jié)點的相互認證及傳感器節(jié)點與網(wǎng)關節(jié)點的相互認證。
[Abstract]:With the rapid development and application of Internet technology, people pay more attention to the security of network information system, and as one of the most effective means of information security. The authentication key agreement protocol can realize the mutual authentication of the entities in the network through a series of information exchange, and at the same time, establish a secure channel through the session key agreement. But with the rapid development of network information and the continuous expansion of application scenarios, different application backgrounds must be configured with different authentication key agreement protocol. How to design the corresponding authentication key agreement protocol for different application environment has important theoretical value and application significance. This paper studies the authentication key agreement protocol under different application environment. The following results are obtained: 1. Single server authentication key agreement protocol is studied. At present, most of the single server authentication protocols based on smart card password have some security defects to overcome these shortcomings. In this paper, a single server authentication protocol with high security characteristics is designed, which has high efficiency and is more suitable for practical environment. This paper analyzes a single server authentication protocol for cloud computing, and points out its shortcomings. In order to overcome these shortcomings, elliptic curve public key cryptography technology is introduced, a new protocol is proposed, and the security and efficiency are analyzed. The results show that the new protocol is more secure than other protocols. Finally, the security of the protocol is proved by the SPALL method. 2. The multi-server authentication key agreement protocol based on the ECDHP problem and the ECDLP problem is studied. A multi-server authentication key agreement protocol based on dynamic ID is designed by introducing symmetric encryption algorithm, electronic note and biometrics matching. The security and efficiency analysis show that. This protocol not only improves security, but also maintains high efficiency, which is more suitable for resource-constrained environment with high security requirements. Finally, the strong authentication of the protocol is proved by SPALL method. The correctness of key agreement and the confidentiality of key. 3. The authentication key agreement protocol of wireless sensor network is studied, and the enhanced two-factor authentication protocol proposed by Yuan is analyzed. It is pointed out that it can not resist off-line password guessing attack matching leak attack and gateway node impersonation attack and fails to implement session key agreement. In order to overcome the above defects a new protocol is designed. The results of security and efficiency analysis show that the new protocol makes up for the shortcomings of the original protocol, and maintains a higher efficiency, which is more suitable for the actual environment. Finally. The SPALL method is used to prove the correctness of the new protocol, the confidentiality of the key, the mutual authentication between the external user and the gateway node, and the mutual authentication between the sensor node and the gateway node.
【學位授予單位】：解放軍信息工程大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN918.4

【相似文獻】

相關期刊論文 前10條

1 金茂順;一種可認證密鑰分配方案[J];計算機工程與設計;2002年03期

2 祁明，張凌，唐韶華，肖國鎮(zhèn);可認證密鑰交換方案[J];計算機工程與應用;1998年03期

3 董小燕,許勇,吳國新,翟明玉;基于用戶口令的認證密鑰交換技術[J];數(shù)據(jù)通信;2001年03期

4 夏露;鄭燦燦;肖必光;;電子商務身份認證密鑰原理與應用研究[J];當代經(jīng)理人;2005年04期

5 路守克;史國川;;身份基認證密鑰協(xié)商協(xié)議[J];計算機技術與發(fā)展;2011年12期

6 李建兵;用IC卡實現(xiàn)登錄控制[J];計算機安全;2004年10期

7 劉鋒;高冬梅;程學翰;;基于可公開認證密鑰共享的電子現(xiàn)金系統(tǒng)[J];蘭州大學學報(自然科學版);2007年06期

8 劉文剛;李哠;何明星;;基于簽密的高效可認證密鑰協(xié)商協(xié)議[J];計算機工程;2011年02期

9 路守克;史國川;;對一個認證密鑰協(xié)商協(xié)議的分析與改進[J];計算機工程與科學;2011年11期

10 李勝金;張昌宏;周大偉;;一種基于ECDH的可認證密鑰協(xié)商協(xié)議[J];信息安全與通信保密;2011年07期

相關會議論文 前1條

1 劉翠卿;平西建;張濤;王云鶴;;基于GF(2~6)上RS碼的信息隱藏應用研究[A];第七屆全國信息隱藏暨多媒體信息安全學術大會論文集[C];2007年

相關博士學位論文 前2條

1 金海e，

本文編號：1448265