可证明安全的高效车联网认证密钥协商协议  被引量：3

作　　者：乔子芮[1,2] 杨启良 周彦伟 杨波[1] 顾纯祥 张明武[2,3] 夏喆 QIAO Zi-Rui;YANG Qi-Liang;ZHOU Yan-Wei;YANG Bo;GU Chun-Xiang;ZHANG Ming-Wu;XIA Zhe(School of Computer Science,Shaanxi Normal University,Xi’an 710062;State Key Laboratory of Cryptology,Beijing 100878;Guangxi Key Laboratory of Cryptography and Information Security,Guilin University of Electronic Technology,Guilin,Guangxi541004;Shanghai Computer Software Technology Development Center,Shanghai 201112;Henan Key Laboratory of Network Cryptography Technology,Zhengzhou 450052;School of Computer Science and Technology,Wuhan University of Technology,Wuhan 430070)

机构地区：[1]陕西师范大学计算机科学学院,西安710062 [2]密码科学技术全国重点实验室,北京100878 [3]桂林电子科技大学广西密码学与信息安全重点实验室,广西桂林541004 [4]上海计算机软件技术开发中心,上海201112 [5]河南省网络密码技术重点实验室,郑州450052 [6]武汉理工大学计算机科学与技术学院,武汉430070

出　　处：《计算机学报》2023年第5期929-944,共16页Chinese Journal of Computers

基　　金：国家重点研发计划(2017YFB0802000);国家自然科学基金(62272287,61802242,U2001205);广西密码学与信息安全重点实验室研究课题(GCIS202108);河南省网络密码技术重点实验室研究课题(LNCT2021-A04);中央高校基本科研业务费专项资金资助。

摘　　要：为进一步解决当前车联网认证密钥协商协议效率低下及车辆公私钥频繁更新的问题,研究者利用无证书密码体制能够解决身份基密码体制中密钥托管不足和传统公钥基础设施中证书复杂管理问题的优势,提出了安全高效的无证书车联网认证密钥协商协议.然而,本文分析发现现有的协议要么不具有轻量级的特征,要么无法满足其所声称的安全性.针对上述问题,本文提出安全性可证明的高效车联网认证密钥协商协议的新型构造,并基于判定性Diffie-Hellman和离散对数等复杂性假设对协商密钥的安全性和通信消息的不可伪造性进行了形式化证明.与现有的相关协议相比,本文协议不仅效率更高且安全性更优,同时具备证书和密钥的集中管理、双向认证等属性,上述优势使得该协议在车联网中具有更好的性能和适应性,因此我们的协议更适合在该网络中使用.To further solve low efficiency and frequent updates of the public keys and the private keys of vehicles in the authentication key agreement(AKA)protocol for vehicular Ad-Hoc network(VANET),some AKA protocols were proposed by researcher based on certificateless aggregate signature scheme,because the certificateless cryptography primitives can resolve the key escrow shorting of the identity-based cryptography and the certificate management problem of the public key infrastructure.However,we find that the previous AKA protocols either do not have high computational efficiency or cannot keep their claimed security.Hence,to further solve the above problems,an efficient AKA protocol with provable security is designed in this paper,in which,the security of the session key and the unforgeability of the communication messages are proved based on the hardness of the classic complexity assumptions.Such as decisional Diffie-Hellman,discrete logarithm,etc.Compared with the previous protocols,our proposal has higher computational efficiency and better security,In VANET,these advantages,such as centralized management of certificates and mutual authentication,make our protocol has better performance and adaptability.

关 键 词：无证书公钥密码机制 认证密钥协商 车辆自组织网 分叉引理 

分 类 号：TP393[自动化与计算机技术—计算机应用技术]