基于特征值的可验证三方安全密钥交换协议  被引量：7

作　　者：张艳硕 王泽豪 王志强 陈辉焱 ZHANG Yanshuo;WANG Zehao;WANG Zhiqiang;CHEN Huiyan(Department of Cryptology Science and Technology,Beijing Electronic Science&Technology Institute,Beijing 100070,China;State Key Laboratory of Cryptology,Beijing 100878,China;Department of System Security,Data Communication Science and Technology Research Institute,Beijing 100191,China)

机构地区：[1]北京电子科技学院密码科学与技术系,北京100070 [2]密码科学技术国家重点实验室,北京100878 [3]数据通信科学技术研究所系统安全部,北京100191

出　　处：《通信学报》2019年第12期149-154,共6页Journal on Communications

基　　金：中国民航信息技术科研基金资助项目(No.CAAC-ITRB-201705);信息网络安全公安部重点实验室开放基金资助项目(No.C17608);中央高校基本科研业务费项目(No.328201902)~~

摘　　要：为解决传统密钥交换协议无法进行三方密钥协商,不够灵活且安全性存在缺陷的问题,借助于秘密矩阵特征值,首先提出了一种可以抵御中间人攻击且简单灵活的三方密钥交换方案,但该方案无法对密钥交换的有效性进行验证,即无法防止不被中间人伪造。在此基础上,对秘密矩阵进行重新构建,其中矩阵阶数为大偶数,所有的特征值成对出现,相似于对角阵。基于所提的特殊秘密矩阵,引入验证环节对通信方的合法性进行验证,给出了基于特征值的可验证三方密钥交换协议。该协议既解决了三方密钥交换的问题,又可对身份合法性进行验证,证明基于特征值进行三方密钥交换协议设计是可行的,最终设计的协议兼具安全性和高效性。In order to solve the problem that the traditional key exchange protocol,which was not flexible enough and flawed in security,cannot provide the function of three-party key negotiation,firstly,a simple and flexible three-party key exchange scheme that can resist man-in-the-middle attacks was proposed with the help of secret matrix eigenvalues.However,the validity of key exchange cannot be verified by the scheme,and counterfeiting by middlemen can’t be prevented.Then based on it,the secret matrix was reconstructed,where the matrix order was a large even number,and all the eigenvalues appeared in pairs,similar to the diagonal matrix.Based on the special secret matrix,the verification part which can be used to verify the legitimacy of the communication party was introduced to the scheme,and the verifiable three-party key exchange protocol based on the eigenvalue was given.The protocol not only solved the problem of three-party key exchange,but also verified identity legitimacy.It is proved that it’s feasible to design a three-party key exchange protocol by the eigenvalue.The final protocol is both secure and efficient.

关 键 词：密钥交换 三方 特征值 中间人攻击 矩阵 

分 类 号：TN911.7[电子电信—通信与信息系统]