College of Information and Computer, Taiyuan University of Technology

【目的】通过分析Lippold安全模型中的会话部分密钥泄露伪装攻击(P-KCI),发现现有无证书密钥协商协议存在安全缺陷,无法抵挡会话部分密钥泄露伪装攻击。【方法】总结了Lip-pold安全模型中会话部分密钥泄露伪装攻击的8种不同密钥组合泄露攻击,利用这些攻击,分析了现有无证书密钥协商协议的安全缺陷。【结果】提出了一种可以完全抵挡P-KCI攻击的高效无证书两方认证密钥协商协议,并扩展了eCK(extendedextended-Canetti-Krawczyk)模型,证明了本协议的安全性。【结论】与现有的同类协议相比,本文协议安全性有较大提高且计算损耗降低了28.4%.

【Purposes】 By analyzing the session partial key disclosure camouflage attack (P-KCI) in Lippold security model, it is found that the existing certificateless key agreement proto-cols have security defects that they can’t resist the P-KCI attack. 【Methods】 In this paper, eight different key combination disclosure attacks of session partial key disclosure camouflage attack in Lippold security model are summarized. Besides, the security defects of existing certificateless key agreement protocols are analyzed by using these attacks. 【Findings】 A secure and efficient pairing-free CT-AKA protocol that can perfectly resist P-KCI attack is proposed, and its security is analyzed in an extended extended-Canetti-Krawczyk(eCK) model. 【Conclusions】 Compared with other existing similar protocols, the proposed protocol is more secure, and the calculated loss is reduced by 28.4%.

山西省自然科学基金资助项目(201903D121121,201701D111002)

张萌楠,马垚,陈永 乐,等.面 向 Lippold安 全 模 型 的 无 证 书 两 方 认 证 密 钥 协 商 协 议[J].太 原 理 工 大 学 学 报,2023,54(5):773-781.

ZHANG Mengnan,MA Yao,CHEN Yongle,et al.A certificateless two-party authenticated key agreement pro-tocol under the lippold security model[J].Journal of Taiyuan University of Technology,2023,54(5):773-781.