Mutual Authentication Protocol for Electricity Consumption Information Acquisition System

Cited by: 15


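Authors: Zhao Bing (赵兵)[1], Gao Xin (高欣)[2], Zhai Feng (翟峰)[1], Chen Peng (陈鹏)[2], Wang Xin (王鑫)[2]

Affiliations: [1] China Electric Power Research Institute, Haidian District, Beijing 100192; [2] School of Automation, Beijing University of Posts and Telecommunications, Haidian District, Beijing 100876

Source: Power System Technology (《电网技术》), 2014, No. 9, pp. 2328-2335, 8 pages

Funding: National Basic Research Program of China (973 Program) (2012CB724400)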

Abstract: The electricity consumption information acquisition system handles core data such as billing information and the privacy of residential electricity consumption, so the generation, transmission and storage of its data carry high requirements for confidentiality, integrity and availability. Based on the certificate authority (CA) system of State Grid Corporation of China (SGCC), and using digital signatures and the challenge-response idea combined with MAC dynamic key negotiation and signature verification, a mutual authentication protocol suitable for the electricity consumption information acquisition system is proposed. An informal method and a formal analysis method based on colored Petri net theory are used to carry out state transition analysis and security demonstration of the proposed protocol, proving that, provided it successfully reaches the expected operating state, the protocol satisfies security attributes such as multiple authentication, forward security and backward security. In addition, the protocol completes entity authentication and dynamic key negotiation efficiently and in real time while effectively resisting forgery, malicious replay and de-synchronization attacks. Finally, the applicability and effectiveness of the protocol in the electricity consumption information acquisition system are analyzed.

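Keywords: electricity consumption information acquisition; digital signature; formal analysis; de-synchronization attack; colored Petri net; security analysis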

Classification number: TM913 [Electrical Engineering: Power Electronics and Power Drives]

 
