非交互密钥协商综述  

作　　者：张明瑞 张蕊[1,2] 张磊[1,2] ZHANG Ming-Rui;ZHANG Rui;ZHANG Lei(Shanghai Key Laboratory of Trustworthy Computing,Software Engineering Institute,East China Normal University,Shanghai200062;Engineering Research Center of Software/Hardware Co-design Technology and Application,Ministry of Education(East China Normal University),Shanghai200062)

机构地区：[1]华东师范大学软件工程学院上海市高可信计算重点实验室,上海200062 [2]软硬件协同设计技术与应用教育部工程研究中心,上海200062

出　　处：《计算机学报》2024年第3期558-574,共17页Chinese Journal of Computers

基　　金：国家自然科学基金(62372177,61972159)资助.

摘　　要：非交互密钥协商作为一种重要的密码学原语是一种极具潜力的安全信道建立范式,持续受到学术界和工业界的密切关注.本文综述了非交互密钥协商协议的发展概况以及待解决的问题.有别于以往的综述,我们在对传统的非交互密钥协商协议进行全面回顾的同时,还对由消息层安全协议衍生的一类部分非交互密钥协商协议进行了深入的探讨.这类协议的突出特点在于,它们能够(部分)非交互式地为群组建立(初次)会话密钥;且后续在群组需要动态变化时,仅需其中一个参与者发送一条请求消息,其他参与者进行监听就能完成群组会话密钥的更新.此外,本文首次讨论了一种基于非对称群密钥协商构造多方非交互密钥协商协议的潜在技术路线,以及利用区块链技术作为公钥基础设施扩充组件用于解决非交互密钥协商协议设计中潜在风险的方法.Key exchange protocol serve as a fundamental cryptographic primitive,traditionally involving participants in one or multiple communication rounds to establish a shared session key.However,the innovation of non-interactive key exchange protocols revolutionizes this process,allowing participants to derive a session key without direct communication.This feature is particularly valuable in scenarios where real-time interaction is impractical,making non-interactive key exchange a promising paradigm for secure communication channels,drawing significant attention from academic and industrial communities.This paper aims to provide a comprehensive survey of the developmental trajectory in the field of non-interactive key exchange protocols and the current unresolved challenges in this domain.In contrast to prior survey papers,our survey involves not only an in-depth examination of the evolution of traditional non-interactive key exchange protocols,but also partially non-interactive key exchange protocols which stem from message-layer secure protocols proposed by researchers affiliated with the Internet Engineering Task Force(IETF).Notably,these partially non-interactive key exchange protocols enable a group of participants to establish session keys in a(partial)non-interactive manner.This partial non-interactivity offers a nuanced perspective,especially beneficial in dynamic group communication scenarios.In such a scenario,when there is a dynamic change in participant composition within the group,only one participant needs to send a request message,while the others simply listen to it in order to complete the update of the group session key.Consider a scenario where there is a dynamic change in participant composition within the group.This process enhances the adaptability and security of group communication.Additionally,this paper introduces,for the first time,a potential solution for constructing multi-party non-interactive key exchange protocols based on asymmetric group key agreement which allows a group of participan

关 键 词：密钥协商 群密钥协商 非交互密钥协商 消息层安全协议 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]