一种基于无线的组合公钥认证方案

信息安全研究 ›› 2020, Vol. 6 ›› Issue (8): 722-726.

一种基于无线的组合公钥认证方案

陈亚茹

河南工业贸易职业学院信息工程系

收稿日期:2020-08-04 出版日期:2020-08-05 发布日期:2020-08-04
通讯作者: 陈亚茹
作者简介:陈亚茹硕士研究生，教师，主要研究方向为信息安全、大数据. 642200814@qq.com

A wireless authentication scheme based on Combined Public Key

Received:2020-08-04 Online:2020-08-05 Published:2020-08-04

摘要/Abstract

摘要： 无线通信中存在移动设备宽带不稳定和存储容量少的问题，802.1X认证、VPN认证、PKI认证等方式是目前最常见的解决方案.针对目前客户端接入企业网络过程中802.1X认证、VPN认证、PKI认证等方式无法满足无线通信身份认证的安全问题，提出了一种基于组合公钥（CPK）的无线身份认证方案.首先，提出的改进方案是基于原椭圆曲线上对密钥协商协议进行的改进，实现在无线网络下安全通信；然后，研究在该协议下基于组合公钥登录认证的实现过程，基于组合公钥的认证技术支持客户端的访问；最后，对改进的方案进行安全性分析.通过模拟实验对比，证明基于组合公钥的无线身份认证方案有较强的安全性和缩短了认证的时间.

关键词: 组合公钥, 登录认证, 密钥协商, 无线通信

Abstract: Due to the limitation of the broadband and storage of mobile devices, 802.1X authentication, VPN authentication and PKI authentication can not meet the requirements of wireless communication authentication in the process of client access to enterprise network. A CPK-based wireless authentication scheme is proposed. Firstly, the improved scheme is based on the original elliptic curve, which improves the key agreement protocol and realizes the communication in wireless network. Then, the implementation process of CPK-based login authentication under this protocol is studied to support client access. Finally, the security of the improved scheme is analyzed. The simulation results show that the scheme based on CPK has strong security and computational efficiency.

Key words: CPK, login authentication, key negotiation, wireless communication

陈亚茹. 一种基于无线的组合公钥认证方案[J]. 信息安全研究, 2020, 6(8): 722-726.

参考文献

[1]王鹏,李谢华,陆松年.基于认证测试方法的EAP-AKA协议分析[J].计算机工程与应用,2007,44(15):157-159 [2]董春冻,王聪,刘军,等.基于公钥的EAP-AKA协议改进及安全性分析[J].计算机工程与设计,2014,35(1):32-36 [3]李晓伟,张玉清,张格非,等.基于智能卡的强安全认证与密钥协商协议[J].电子学报,2014,42(8):1587-1593 [4]Koblitz N. Elliptic curve cryptosystems. Math Comput 1987;48(177):203-209 [5]Miller V S .Use of elliptic curves in cryptography[J]. Advances in Cryptology Crypto, 1986, 46(128):417-226 [6]Sui A F , Hui L C K , Yiu S M , et al. An improved authenticated key agreement protocol with perfect forward secrecy for wireless mobile communication[C]//Proc of IEEE Wireless Communications & Networking Conf. Piscataway,NJ:IEEE, 2005 [7]Lu R ,Cao Z ,Zhu H.An enhanced authenticated key agreement protocol for wireless mobile communication[J]. Computer Standards & Interfaces, 2007, 29(6):647-652 [8]He D. Weakness in an ECC-based AKA protocol for wireless mobile communications[J]. Computer Standards & Interfaces, 2011, 33(7):527-532 [9]Guo H , Xu C , Mu Y , et al. A provably secure authenticated key agreement protocol for wireless communications[J]. Computers & Electrical Engineering, 2012, 38(3):563-572 [10]李欣，吴旭东.基于CPK认证技术的移动安全接入系统[J].武汉理工大学学报:信息与管理工程版，2011，33(3):342-345 [11]侯整风，李岚.椭圆曲线密码系统(ECC)整体算法设计及优化研究[J].电子学报，2004,43(11):1904-1906 [12]曹建,陆建德.一种基于ECDH方案实现IKE密钥交互的分析与设计[J].计算机应用与软件,2008,25(5):53-55 [13]Shahbazi K , Eshghi M , Faghih Mirzaee R . Design and implementation of an ASIP-based cryptography processor for AES, IDEA, and MD5[J]. Engineering Science and Technology, an International Journal, 2017, 20(4):1308-1317 [14]Nell Olver. A note on hierarchical hubbing for a generalization of the VPN problem[J]. Operations Research Letters,2016,44(2):114-120 [15] Chen TienHo, Chen YenChiu. An Advanced ECC ID-Based Remote Mutual Authentication Scheme for Mobile Devices[M]. 2010 [16] Qin B , Huang J , Wang Q , et al. A decentralized PKI mitigating MitM attacks[J]. Future Generation Computer Systems, 2017,34(10):12-19 [17]于孟涛. WPKI/IBE认证方法研究及IBE系统的SIM卡私钥保存实现[D]. 长春：吉林大学，2009