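Abstract
A pairing-free certificateless two-party key agreement scheme is presented, and attacks on these insecure certificateless schemes are demonstrated. The scheme is secure in the strongest security model as long as each party has at least one uncompromised secret value. Even if the key generation center knows the ephemeral private keys of both parties, or reveals the secret values/replaces the public keys of both parties (but not both at once), the scheme is proven secure in the random oracle model provided the computational Diffie-Hellman assumption holds. The scheme eliminates pairing operations and, compared with other certificateless key agreement schemes, has the lowest computational complexity among known secure certificateless key agreement schemes. It is especially suitable for bandwidth-constrained communication environments such as ad hoc networks and wireless sensor networks.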
A pairing-free certificateless two-party key agreement (CL-KA) scheme is proposed. This work demonstrates that all existing CL-KA schemes (except for Lippold's scheme) are insecure in the eCK model. The scheme is secure in the eCK model as long as each party has at least one uncompromised secret. The scheme is proven secure in the random oracle model (ROM), assuming that the computational Diffie-Hellman assumption holds, even if the key generation centre (KGC) learns the ephemeral secrets of both parties, or reveals secret values/replaces public keys, but not both. The scheme eliminates pairing computation. It achieves efficiency in computational cost when compared with all the other known certificateless key agreement schemes. The scheme is more suitable for communication environments with restricted bandwidth, such as ad hoc networks, wireless sensors, and so on.
Source
Journal of Software (《软件学报》)
EI
CSCD
Peking University Core Journals
2011, Issue 11, pp. 2843-2852 (10 pages)
Funding
National High Technology Research and Development Program of China (863 Program) (2009AA01Z415)
Keywords
key agreement
two-party protocol
certificateless
without bilinear pairing