基于身份的跨自治域认证密钥协商协议

中文摘要: 当前的跨信任域认证密钥协商协议都对系统参数做了限制假设，这种假设法满足实际网络需要，为此提出了一种基于身份的跨自治域密钥协商方案，在该方案中各个PKG可以使用完全不同的公开参数以及各自不同的PKG主密钥。在eCK模型下给出了该密钥协商方案的形式化证明，表明该方案在满足基本安全属性的基础上，还具有弱的完美前向安全性、PKG前向安全性、抗密钥泄露伪装攻击以及抗临时密钥泄露攻击等属性。与几种典型的基于身份的跨域认证密钥协商方案性能对比分析表明，提出的方案更加安全高效。
Abstract:Current identity-based authenticated key agreement schemes still have restriction on PKG system parameters.The assumption limits the application in real network environment.In order to solve these problems,an identity-based cross-domain authenticated key agreement protocol was proposed.There is no restriction on PKG system parameters so that public system parameters,system master keys and system public keys can be totally different.The security of this scheme was analyzed under the eCK model,and the result showed that this protocol satisfies the basic security requirements,perfect forward secrecy and PKG forward secrecy.Moreover,this protocol is robust to the existing attacks such as key compromise impersonation attack and ephemeral key compromise impersonation attack. Comparison with some typical identity-based multi-domain authenticated key agreement protocols showed that this scheme is more secure and efficient.