面向数据出域安全的鲁棒认证密钥协商协议  

作　　者：张晶辉 张起嘉 刘海 田有亮[4,5] 李凤华 ZHANG Jinghui;ZHANG Qijia;LIU Hai;TIAN Youliang;LI Fenghua(Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100085,China;School of Cyber Security,University of Chinese Academy of Sciences,Beijing 100049,China;State Key Laboratory of Cyberspace Security Defense,Beijing 100085,China;College of Computer Science and Technology,Guizhou University,Guiyang 550025,China;College of Big Data and Information Engineering,Guizhou University,Guiyang 550025,China)

机构地区：[1]中国科学院信息工程研究所,北京100085 [2]中国科学院大学网络空间安全学院,北京100049 [3]网络空间安全防御全国重点实验室,北京100085 [4]贵州大学计算机科学与技术学院,贵州贵阳550025 [5]贵州大学大数据与信息工程学院,贵州贵阳550025

出　　处：《通信学报》2025年第2期29-43,共15页Journal on Communications

基　　金：国家重点研发计划基金资助项目(No.2021YFB3101300);国家自然科学基金联合基金重点支持项目(No.U1836205);国家自然科学基金资助项目(No.U23B2024,No.62272123);贵阳市科技计划基金资助项目(No.[2022]2-4);贵州省科技计划项目(No.[2022]065)。

摘　　要：针对数据出域场景下的数据安全传输需求,给出了相应的系统模型与安全模型,并提出了一种基于TEE的鲁棒认证密钥协商协议。该协议基于收发双方的可信执行环境,实现了传输密钥的高效抗干扰合成。通过理论证明,所提协议中的通信消息具有机密性和存在性不可伪造。最后,实验结果和性能分析表明,与同类型协议相比,所提协议在安全性上具有明显优势,并且降低了通信开销与计算开销,满足基于隐私计算的多方数据安全计算模型的轻量级需求,未来可支撑在可信环境中隐私信息的按需脱敏。Towards the need for cross-domain data security,a corresponding system model and security model were presented,and a TEE-based robust authenticated key agreement protocol was proposed.This protocol achieved efficient interference-resistant key synthesis within the trusted execution environments of both sender and receiver.Theoretical proofs demonstrated that the communication messages in the proposed protocol maintain confidentiality and were unforgeability.Finally,experimental results and performance analysis indicate that compared to similar protocols,the proposed protocol offers significant advantages in terms of security,while reducing communication and computational overhead,meeting the lightweight requirements of multi-party data security computing model based on privacy computing.This paves the way for supporting on-demand data desensitization in trusted environments in the future.

关 键 词：数据出域安全 认证密钥协商 可信执行环境 中间人攻击 鲁棒性 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]