论文部分内容阅读
现有的基于身份的认证密钥协商协议大多工作于单一私钥生成中心(Public Key Generator,PKG)环境下.提出了一种新的基于身份的层次认证密钥协商协议.该协议中,根PKG为多层的域PKG验证身份并生成私钥,域PKG为用户验证身份并生成私钥.多层PKG有效防止了单点失效问题,减轻了PKG的运行压力,提高了系统的承载能力.与已有协议相比,本文协议的计算开销与双方用户所处层级成线性关系,不含双线性对运算,具有更高的效率.协议的安全性基于计算性Diffie-Hellman困难假设,满足密钥协商协议所需的基本安全需求,具有PKG前向安全等安全性质.
Most of the existing identity-based authentication key agreement protocols work in the environment of a single public key generator (PKG), and a new identity-based hierarchical authentication key agreement protocol is proposed. In this protocol, the root PKG verifies identity and generates private key for multi-domain domain PKG, and domain PKG verifies identity and generates private key for users. Multi-layer PKG effectively prevents single-point failure, reduces the operating pressure of PKG and improves the carrying capacity of the system. Compared with the existing protocols, the computational cost of this protocol has a linear relationship with the user level of the two parties, and does not contain bilinear pairing operations, so it is more efficient. The protocol security is based on computational Diffie-Hellman’s difficult assumption The basic security requirements required by the key agreement protocol are security features such as PKG forward security.