CN109039607A - A security analysis method for a key agreement protocol - Google Patents


Info

Publication number: CN109039607A
Authority: CN (China)
Prior art keywords: cert, agreement protocol, key agreement, safety analysis, key
Legal status: Pending
Application number: CN201810969683.XA
Other languages: Chinese (zh)
Inventors: 余磊, 卓泽朋
Current Assignee: Huaibei Normal University
Original Assignee: Huaibei Normal University
Application filed by Huaibei Normal University
Priority to CN201810969683.XA
Publication of CN109039607A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0819 Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes
    • H04L9/0861 Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869 Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
    • H04L63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1441 Countermeasures against malicious traffic

Abstract

The invention belongs to the field of information security technology and specifically discloses a security analysis method for a key agreement protocol. The method includes the following steps: S1: choose an attacker E and use E to carry out an unknown key-share attack on the key agreement protocol; S2: A verifies the digital signature of E and checks whether $1 < g^y < q$ holds; S3: A randomly selects a secret value and encrypts it with the public key $PK_B$ of E; S4: B decrypts with $SK_B$ and decrypts $ENC_x(\alpha, \mathrm{Cert}(A))$ with $x$, obtaining α and Cert(A), and B verifies Cert(A); S5: B computes $\beta = h_1((g^\alpha)^y)$ and compares it with α; S6: B computes $h_2(g^x)$ and sends it to A as a confirmation message, and A computes $h_2(g^x)$ and compares it with the message $h_2(g^x)$ sent by E. The method can analyze the security of a key agreement protocol under various known attacks, achieving security analysis against passive attacks and man-in-the-middle forgery attacks, and greatly improving the security of the key agreement protocol.

Description

A security analysis method for a key agreement protocol
Technical field
The present invention relates to the field of information security technology, and specifically to a security analysis method for a key agreement protocol.
Background
In a key agreement protocol, the session key is computed by a certain calculation from parameters generated separately by each protocol participant. A key establishment protocol is the process by which two or more participants establish a temporary secret session key over a public network. Using the session key obtained from such a protocol, the participants can establish a secure channel over the open network and so protect the information they transmit. Key establishment protocols are a basic building block of cryptography and the most basic requirement for establishing a secure channel over an insecure network. Existing key agreement protocols not only involve complicated computation but also have security weaknesses, so key agreement protocols need security analysis. Existing analysis methods have cumbersome steps and a single analytic angle, and therefore cannot analyze a key agreement protocol comprehensively. For this reason, we propose a security analysis method for a key agreement protocol.
Summary of the invention
The purpose of the present invention is to provide a security analysis method for a key agreement protocol, to solve the problems raised in the background above.
To achieve the above object, the invention provides the following technical solution: a security analysis method for a key agreement protocol, comprising the following steps:
S1: choose an attacker E and use E to carry out an unknown key-share attack on the key agreement protocol. A secret value is selected at random, and $g^y$ and $X = g^y \bmod p$ are computed; B uses its own private key to digitally sign $g^y$ and Cert(B), giving $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$, and B sends $g^y$, Cert(B) and $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$ to A;
S2: A verifies the digital signature of E and checks whether $1 < g^y < q$ holds; if it holds, authentication succeeds; if not, authentication fails;
S3: A randomly selects a secret value and encrypts it with the public key $PK_B$ of E, encrypts α and Cert(A) with $x$, and sends $ENC_x(\alpha, \mathrm{Cert}(A))$ to E;
S4: B decrypts with $SK_B$ and decrypts $ENC_x(\alpha, \mathrm{Cert}(A))$ with $x$, obtaining α and Cert(A); B verifies Cert(A); if verification fails, authentication fails; if it succeeds, authentication succeeds;
S5: B computes $\beta = h_1((g^\alpha)^y)$ and compares it with α; if the two differ, authentication fails; if they are the same, authentication succeeds;
S6: B computes $h_2(g^x)$ and sends it to A as a confirmation message; A computes $h_2(g^x)$ and compares it with the message $h_2(g^x)$ sent by E; if the two differ, authentication fails; if they are the same, authentication succeeds.
Preferably, in step S1, attacker E needs to generate its own long-term private key and apply for its own certificate Cert(E).
Preferably, in step S1, B's private key is computed using a method based on Lagrange polynomial interpolation.
Compared with the prior art, the beneficial effects of the invention are: the proposed security analysis method can analyze the security of a key agreement protocol under various known attacks, achieving security analysis against passive attacks and man-in-the-middle forgery attacks, and greatly improving the security of the key agreement protocol.
Specific embodiment
The technical solutions in the embodiments of the invention are described clearly and completely below. Obviously, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art based on these embodiments without creative work fall within the scope of protection of the invention.
The present invention provides a technical solution: a security analysis method for a key agreement protocol, comprising the following steps:
S1: choose an attacker E and use E to carry out an unknown key-share attack on the key agreement protocol. A secret value is selected at random, and $g^y$ and $X = g^y \bmod p$ are computed; B uses its own private key to digitally sign $g^y$ and Cert(B), giving $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$, and B sends $g^y$, Cert(B) and $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$ to A;
S2: A verifies the digital signature of E and checks whether $1 < g^y < q$ holds; if it holds, authentication succeeds; if not, authentication fails;
S3: A randomly selects a secret value and encrypts it with the public key $PK_B$ of E, encrypts α and Cert(A) with $x$, and sends $ENC_x(\alpha, \mathrm{Cert}(A))$ to E;
S4: B decrypts with $SK_B$ and decrypts $ENC_x(\alpha, \mathrm{Cert}(A))$ with $x$, obtaining α and Cert(A); B verifies Cert(A); if verification fails, authentication fails; if it succeeds, authentication succeeds;
S5: B computes $\beta = h_1((g^\alpha)^y)$ and compares it with α; if the two differ, authentication fails; if they are the same, authentication succeeds;
S6: B computes $h_2(g^x)$ and sends it to A as a confirmation message; A computes $h_2(g^x)$ and compares it with the message $h_2(g^x)$ sent by E; if the two differ, authentication fails; if they are the same, authentication succeeds.
In step S1, attacker E needs to generate its own long-term private key and apply for its own certificate Cert(E); also in step S1, B's private key is computed using a method based on Lagrange polynomial interpolation.
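The statements above that B's private key is computed by a method based on Lagrange polynomial interpolation leave the computation unspecified. The following added example (not code from the patent) shows one standard form of it, assuming the key is held as Shamir-style threshold shares over a prime field; the function names, the modulus and all sample values are constructed for illustration.

```python
"""Added illustration: recover a private key from Shamir-style shares by
Lagrange interpolation at x = 0 over a prime field (an assumed setting)."""
import secrets

# Constructed parameter: the Mersenne prime 2**127 - 1 as the field modulus.
P = 2**127 - 1


def make_shares(secret, threshold, count, prime=P):
    """Split `secret` into `count` points of a random polynomial of
    degree threshold - 1 whose constant term is the secret."""
    if not 1 <= threshold <= count < prime:
        raise ValueError("need 1 <= threshold <= count < prime")
    if not 0 <= secret < prime:
        raise ValueError("secret must be a field element")
    # f(x) = secret + a1*x + ... + a_(t-1)*x^(t-1), coefficients uniform.
    coeffs = [secret] + [secrets.randbelow(prime) for _ in range(threshold - 1)]
    shares = []
    for x in range(1, count + 1):
        y = 0
        for c in reversed(coeffs):  # Horner evaluation modulo prime
            y = (y * x + c) % prime
        shares.append((x, y))
    return shares


def recover_key(shares, prime=P):
    """Interpolate f(0) from (x, y) shares.

    With fewer shares than the threshold this still returns a value, but an
    unrelated one: interpolation alone cannot tell that shares are missing.
    """
    if not shares:
        raise ValueError("no shares supplied")
    xs = [x % prime for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate x-coordinate among shares")
    if 0 in xs:
        raise ValueError("x = 0 is the secret itself, not a share")
    key = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = (num * -xj) % prime
                den = (den * (xi - xj)) % prime
        # Lagrange basis at 0: prod_j (-x_j) / (x_i - x_j); the division
        # is a modular inverse because we work in a prime field.
        key = (key + yi * num * pow(den, -1, prime)) % prime
    return key


if __name__ == "__main__":
    demo = make_shares(0x1234567890ABCDEF, threshold=3, count=5)
    print(hex(recover_key(demo[:3])))
```
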
Although embodiments of the invention have been shown and described, a person of ordinary skill in the art will understand that various changes, modifications, replacements and variations can be made to these embodiments without departing from the principles and spirit of the invention; the scope of the invention is defined by the appended claims.

Claims (3)

1. A security analysis method for a key agreement protocol, characterized in that the method comprises the following steps:
S1: choose an attacker E and use E to carry out an unknown key-share attack on the key agreement protocol. A secret value is selected at random, and $g^y$ and $X = g^y \bmod p$ are computed; B uses its own private key to digitally sign $g^y$ and Cert(B), giving $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$, and B sends $g^y$, Cert(B) and $\{g^y, \mathrm{Cert}(B)\}_{sig_B}$ to A;
S2: A verifies the digital signature of E and checks whether $1 < g^y < q$ holds; if it holds, authentication succeeds; if not, authentication fails;
S3: A randomly selects a secret value and encrypts it with the public key $PK_B$ of E, encrypts α and Cert(A) with $x$, and sends the result to E;
S4: B decrypts with $SK_B$ and decrypts $ENC_x(\alpha, \mathrm{Cert}(A))$ with $x$, obtaining α and Cert(A); B verifies Cert(A); if verification fails, authentication fails; if it succeeds, authentication succeeds;
S5: B computes $\beta = h_1((g^\alpha)^y)$ and compares it with α; if the two differ, authentication fails; if they are the same, authentication succeeds;
S6: B computes $h_2(g^x)$ and sends it to A as a confirmation message; A computes $h_2(g^x)$ and compares it with the message $h_2(g^x)$ sent by E; if the two differ, authentication fails; if they are the same, authentication succeeds.
2. The security analysis method for a key agreement protocol according to claim 1, characterized in that: in step S1, attacker E needs to generate its own long-term private key and apply for its own certificate Cert(E).
3. The security analysis method for a key agreement protocol according to claim 1, characterized in that: in step S1, B's private key is computed using a method based on Lagrange polynomial interpolation.

Priority Applications (1)

Application Number  Priority Date  Filing Date  Title
CN201810969683.XA  2018-08-23  2018-08-23  A security analysis method for a key agreement protocol

Publications (1)

Publication Number  Publication Date
CN109039607A  2018-12-18

Family ID: 64627215

Legal Events

Code  Title
PB01  Publication
SE01  Entry into force of request for substantive examination
RJ01  Rejection of invention patent application after publication (application publication date: 20181218)
RJ01 Rejection of invention patent application after publication