Abstract
Key agreement is an important way of establishing session keys. Its greatest advantage is that it requires neither a trusted third party nor a secure channel to take part in generating the session key, and the participants in the protocol do not need to trust the other participants. This paper surveys PKI-based authenticated key agreement protocols and the theory for analysing their security. It first classifies key agreement protocols according to the different properties of the participants' long-term private keys, then focuses on key agreement protocols in the PKI setting, reviewing the state of research on two-party, three-party password-based and group key agreement protocols, pointing out the advantages and drawbacks of these schemes together with the corresponding improvements, and distilling from them the basic principles for designing such key agreement protocols and the security goals they should meet. Security analysis of protocols is also an important direction in this field: this paper summarises the existing methods for arguing the security of key agreement protocols and, since provable security is currently the mainstream approach to protocol security analysis, concentrates on the progress of provable security theory in two-party, three-party password-based and group authenticated key agreement. With the rapid development of the mobile Internet, the Internet of Things, cloud computing and related technologies, the operating environment of modern cryptographic protocols is becoming increasingly complex, and many problems concerning key agreement protocols remain worth further exploration and research; this paper also summarises these problems.
Key agreement is an important kind of key establishment, with its advantage being that no trusted third party and no secure channel are needed to establish a session key, and the participants do not need to trust other parties. In this paper, we focus on the development of PKI-based AKA protocols and the provable security theory for these protocols. We classify the key agreement protocols according to the different properties of the long-term keys of the participants, then we introduce the research status of AKA protocols in two-party, three-party password-based and group settings and analyze their advantages and security flaws; we also describe the basic design principles and the security goals. Considering the necessity of security analysis, we summarize the methods for analyzing the security of AKA protocols and the development and advances of the application of provable security to the design and analysis of AKA protocols in two-party, three-party password-based and group settings. With the development of the mobile Internet, the Internet of Things and cloud computing, the running environment for modern cryptographic protocols is becoming more and more complicated, and many problems for key agreement protocols remain to be further studied; the emphases of future research in this field are also pointed out.
Source
《密码学报》
2014, No. 6, pp. 551-567 (17 pages)
Journal of Cryptologic Research
Funding
Specialized Research Fund for the Doctoral Program of Higher Education, Ministry of Education (20120073110094)
Shanghai Science and Technology Commission "Science and Technology Innovation Action Plan" project in the information technology field (14511100300)
China Postdoctoral Science Foundation (No. 2014M552524)
Keywords
information security
key agreement
provable security
security goal
random oracle model