CN116405195A - User authentication and key agreement method suitable for the Internet of Vehicles - Google Patents
- Publication number
- CN116405195A (application CN202211609464.3A)
- Authority
- CN
- China
- Prior art keywords
- key
- public key
- sender
- internet
- user authentication
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
- H04L9/0825—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s) using asymmetric-key encryption or public key infrastructure [PKI], e.g. key signature or public key certificates
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/002—Countermeasures against attacks on cryptographic mechanisms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0838—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
- H04L9/0841—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols
- H04L9/0844—Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these involving Diffie-Hellman or related key agreement protocols with user authentication or key authentication, e.g. ElGamal, MTI, MQV-Menezes-Qu-Vanstone protocol or Diffie-Hellman protocols using implicitly-certified keys
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/3033—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/72—Signcrypting, i.e. digital signing and encrypting simultaneously
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/84—Vehicles
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Theoretical Computer Science (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
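The invention discloses a user authentication and key agreement method suitable for the Internet of Vehicles. Based on PKI technology, the method solves the key agreement problem in Internet of Vehicles communication. In the system setup phase, the system parameters are published and the public and private keys are generated; a trusted third party (the certification authority, CA) signs the public key together with the identity information of the public key holder, that is, issues a public key certificate; the two communicating parties then jointly negotiate a secure session key from the published system parameters. The invention uses signcryption to construct the user authentication and key agreement scheme. The algorithm is proven secure in the random oracle model, its computational complexity is better than that of other algorithms of the same kind, and its transmission efficiency is high, so the method is suitable for Internet of Vehicles application scenarios.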
Description
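Technical Field
The invention relates to the technical field of information security, and in particular to a user authentication and key agreement method suitable for the Internet of Vehicles.
Background
With the rapid development of communication systems, the concept of key agreement was proposed to ensure communication security. It provides identity authentication for the participants and establishes a shared session key between communicating nodes, which ensures the confidentiality and integrity of the communication.
PKI, short for Public Key Infrastructure, is a security architecture based on public key technology. Its applications cover most of the knowledge and techniques of cryptography, and it is an open structure in which improvements to security and efficiency have no end point. In a PKI-based cryptosystem, a trusted third-party authority, the CA, issues public key certificates to public key holders. A certificate is the result of the CA signing the public key together with the identity information of the public key holder, and a user of the public key can authenticate it by verifying the validity of the certificate. PKI-based key protocols can effectively address two problems: man-in-the-middle attacks in password-based cross-domain key protocols that exploit the pre-shared key used in encryption/decryption, and password-guessing attacks that weak Kerberos passwords allow an attacker to mount. In 2017, Mingping Qi and Jianhua Chen proposed a two-factor authenticated key protocol for the client-server architecture, which uses a secret hash value to mask the user's original identity and a three-way handshake to solve the user anonymity and clock synchronization problems, but Alavalapati Goutham Reddy et al. pointed out that it is vulnerable to server impersonation attacks, user impersonation attacks and insider attacks. In 2018, Jiaqing Mo et al. proposed a new remote user authentication and key agreement scheme for the mobile client-server environment, which relies on the elliptic curve discrete logarithm problem and the computational Diffie-Hellman problem. In 2019, Mohammad Wazid et al. published a secure key management and user authentication scheme for fog computing services, but its process is complex and its communication overhead is large.
In the Internet of Vehicles communication environment, the communication process is more complex than in other fields, and the user authentication and key agreement protocols above all have, to a greater or lesser degree, security problems or computational complexity problems. It is therefore necessary to design a user authentication and key agreement method suitable for the Internet of Vehicles that is both efficient and secure.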
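Summary of the Invention
Object of the invention: the object of the invention is to provide a user authentication and key agreement method suitable for the Internet of Vehicles that keeps communication secure and efficient.
Technical solution: the invention provides a user authentication and key agreement method suitable for the Internet of Vehicles, comprising the following steps:
S1: System setup. Given a security parameter λ, take a large prime p such that |p| = λ; q is a large prime factor of p-1; g is an element of order q in Z_p such that; here lq: N→N is the function that determines the length of q. Two secure hash functions are defined; here l1, l2, l3, l4 are the lengths of bit strings. The system parameters are {l1, l2, l3, l4, p, q, g, H1, H2};
S2: Registration phase. Determine the sender's private key xs and public key ys and the receiver's private key xr and public key yr, and send the public keys to the trusted authority CA, which issues certificates to the public key holders;
S3: User authentication and key agreement phase. Given the sender's private key xs, the sender's public key ys and the receiver's public key yr from S2, the specific steps are:
S3.4: The sender computes the verification value h = H2(k||ys||yr||ω), where H2 is a hash operation, the length of k is l2, the length of ys is l3, the length of yr is l4, and the length of ω is l1;
S3.5: The sender computes the signature v = h·xs + x mod q;
S3.6: Finally the ciphertext σ = (c, h, v) is generated, where h is a verification value;
S4: Given the ciphertext σ, the sender's public key ys, and the receiver's private key xr and public key yr, the algorithm works as follows:
S4.3: The receiver computes the verification value h′ from the key k: h′ = H2(k||ys||yr||ω);
S4.4: If h′ = h, the sender's identity is verified and the session key is established; otherwise the error symbol ⊥ is returned.
Further, determining the sender's private key xs and public key ys and the receiver's private key xr and public key yr in S2 specifically comprises the following steps:
Further, the sender's public key ys and the receiver's public key yr can be used only after being certified by the CA.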
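The S3.4–S3.6 and S4.3–S4.4 steps above, as an added Python sketch that is not code from the patent. Steps S3.1–S3.3 and S4.1–S4.2 do not appear on this page, so the choices made for them here (ephemeral x, ω = yr^x mod p, c = k ⊕ H1(ω), and recovering g^x from g^v·ys^(-h)) are assumptions, as are SHA-256 standing in for H1/H2 and the constructed toy group, which is far too small for real use.

```python
import hashlib, hmac, secrets

# Constructed toy Schnorr group (NOT a secure size): p = 2q + 1, g has order q.
P, Q, G = 2039, 1019, 4

def H1(w):
    # Assumed role for H1: derive a 16-byte mask from omega.
    return hashlib.sha256(b"H1" + w.to_bytes(2, "big")).digest()[:16]

def H2(k, ys, yr, w):
    # h = H2(k || ys || yr || omega), with fixed-width fields.
    fields = b"".join(n.to_bytes(2, "big") for n in (ys, yr, w))
    return hashlib.sha256(b"H2" + k + fields).digest()

def xor(a, b):
    return bytes(i ^ j for i, j in zip(a, b))

def keygen():
    # S2: private key in [1, q-1], public key y = g^x mod p.
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def send(xs, ys, yr):
    x = secrets.randbelow(Q - 1) + 1              # assumed S3.1: ephemeral secret
    w = pow(yr, x, P)                             # assumed S3.2: omega = yr^x mod p
    k = secrets.token_bytes(16)                   # session key to transport
    c = xor(k, H1(w))                             # assumed S3.3: mask k
    h = H2(k, ys, yr, w)                          # S3.4
    v = (int.from_bytes(h, "big") * xs + x) % Q   # S3.5: v = h*xs + x mod q
    return k, (c, h, v)                           # S3.6: sigma = (c, h, v)

def receive(sigma, ys, xr, yr):
    c, h, v = sigma
    e = int.from_bytes(h, "big") % Q
    gx = pow(G, v, P) * pow(ys, -e, P) % P        # g^v * ys^(-h) = g^x
    w = pow(gx, xr, P)                            # assumed S4.1: omega = (g^x)^xr
    k = xor(c, H1(w))                             # assumed S4.2: unmask k
    h2 = H2(k, ys, yr, w)                         # S4.3
    # S4.4: constant-time compare; None plays the role of the error symbol.
    return k if hmac.compare_digest(h2, h) else None
```

Because ω enters H2 and can only be recomputed with xr, changing c, h or v in transit makes the S4.4 comparison fail at the receiver.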
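Beneficial effects:
1. Compared with previous methods, the invention uses a PKI-based cryptosystem and has no time-consuming bilinear pairing or point multiplication operations, so its computational overhead is small, and it can be widely applied in practical PKI-based Internet of Vehicles scenarios.
2. In the user authentication and key agreement phase, most previous schemes construct the key by Diffie-Hellman key agreement, whereas we construct the key by a public key approach. Specifically, we use signcryption to construct the user authentication and key agreement scheme. In addition to the confidentiality, authentication, integrity and unforgeability that the signcryption scheme itself provides, the scheme also achieves key agreement and resists Sybil attacks, impersonation attacks, data authentication attacks and the like. The invention is proven secure in the random oracle model, and the method is simple to compute and efficient in transmission, making it an ideal key agreement method.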
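Detailed Description
The invention provides a user authentication and key agreement method suitable for the Internet of Vehicles. The method is simple to compute and requires less computation than other methods, so it is suitable for in-vehicle networks. The computing power of an in-vehicle network node (On-Board Unit, OBU) is often limited. During OBU communication, a roadside infrastructure base station (Road-Side Unit, RSU) is needed as a relay station to send the communication data to the cloud server, and the computing power of the RSU is often limited as well, and the RSU and the in-vehicle network nodes are mostly under different cryptosystems. Therefore, transmission must be efficient while the confidentiality and authentication of the data in the communication are still guaranteed, and the method proposed by the invention fits this scenario well. The specific implementation of the method comprises the following steps:
S1: System setup. Given a security parameter λ, take a large prime p such that |p| = λ; q is a large prime factor of p-1; g is an element of order q in Z_p such that; here lq: N→N is the function that determines the length of q. Two secure hash functions are defined; here l1, l2, l3, l4, l5, l6 are the lengths of messages. The system parameters are {l1, l2, l3, l4, l5, l6, p, q, g, H1, H2}.
S2: Registration phase. The OBU selects a random number as its private key, and ys is the corresponding public key; similarly, the RSU selects a random number, and yr is the corresponding public key. The OBU and the RSU send the generated public keys to the trusted third-party authority CA, which issues certificates to the public key holders.
S3: User authentication and key establishment phase. The user authentication and key agreement process by which the OBU establishes communication with the RSU comprises the following steps:
S3.4: The OBU computes the verification value h = H2(k||TS||ED||ys||yr||ω), where H2 is a hash operation, the length of k is l2, the length of TS is l3, the length of ED is l4, the length of ys is l5, the length of yr is l6, and the length of ω is l1.
S3.5: The OBU computes the signature v = h·xs + x mod q.
S3.6: Finally the ciphertext σ = (c, h, v) is generated, where h is a verification value.
S4: After receiving the ciphertext σ from the OBU, the RSU decrypts it and performs identity verification. The algorithm works as follows:
S4.3: The RSU computes the verification value h′ from the key k: h′ = H2(k||TS||ED||ys||yr||ω).
The method guarantees the confidentiality and unforgeability of the key in the communication between the OBU and the RSU in the Internet of Vehicles: if the equation h′ = h does not hold, verification has failed, meaning that the ciphertext may have been tampered with or was not sent by the OBU, so the RSU rejects the ciphertext and does not issue the corresponding decision instruction.
The invention thus provides a user authentication and key agreement method suitable for the Internet of Vehicles. The method can be applied well in the Internet of Vehicles environment and solves the key agreement problem in PKI-based Internet of Vehicles communication.
The embodiments above only illustrate the technical concept and features of the invention. Their purpose is to enable those skilled in the art to understand and implement the invention, and they do not limit its scope of protection. All equivalent changes or modifications made according to the spirit and essence of the invention shall fall within its scope of protection.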
Claims (4)
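1. A user authentication and key agreement method suitable for the Internet of Vehicles, characterized in that it comprises the following steps:
S1: System setup. Given a security parameter λ, take a large prime p such that |p| = λ; q is a large prime factor of p-1; g is an element of order q in Z_p such that; here lq: N→N is the function that determines the length of q. Two secure hash functions are defined; here l1, l2, l3, l4 are the lengths of bit strings. The system parameters are {l1, l2, l3, l4, p, q, g, H1, H2};
S2: Registration phase. Determine the sender's private key xs and public key ys and the receiver's private key xr and public key yr, and send the public keys to the trusted authority CA, which issues certificates to the public key holders;
S3: User authentication and key agreement phase. Given the sender's private key xs, the sender's public key ys and the receiver's public key yr from S2, the user authentication and key agreement process by which the sender establishes communication with the receiver is as follows:
S3.4: The sender computes the verification value h = H2(k||ys||yr||ω), where H2 is a hash operation, the length of k is l2, the length of ys is l3, the length of yr is l4, and the length of ω is l1;
S3.5: The sender computes the signature v = h·xs + x mod q;
S3.6: Finally the ciphertext σ = (c, h, v) is generated, where h is a verification value;
S4: Given the ciphertext σ, the sender's public key ys, and the receiver's private key xr and public key yr, decrypt and perform identity verification, specifically comprising the following steps:
S4.3: The receiver computes the verification value h′ from the key k: h′ = H2(k||ys||yr||ω);
S4.4: If h′ = h, the sender's identity is verified and the session key is established; otherwise the error symbol ⊥ is returned.
4. The user authentication and key agreement method suitable for the Internet of Vehicles according to claim 1, characterized in that the sender's public key ys and the receiver's public key yr can be used only after being certified by the CA.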
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211609464.3A CN116405195A (zh) | 2022-12-14 | 2022-12-14 | User authentication and key agreement method suitable for the Internet of Vehicles |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211609464.3A CN116405195A (zh) | 2022-12-14 | 2022-12-14 | User authentication and key agreement method suitable for the Internet of Vehicles |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116405195A (zh) | 2023-07-07 |
Family
ID=87018485
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211609464.3A Pending CN116405195A (zh) | 2022-12-14 | 2022-12-14 | User authentication and key agreement method suitable for the Internet of Vehicles |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116405195A (zh) |
-
2022
- 2022-12-14 CN CN202211609464.3A patent/CN116405195A/zh active Pending
Similar Documents
Publication | Publication Date | Title |
---|---|---|
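CN107919956B (zh) | End-to-end security assurance method for the Internet of Things cloud environment | |
CN111083131B (zh) | Lightweight identity authentication method for power Internet of Things sensing terminals | |
CN108667626B (zh) | Secure two-party collaborative SM2 signature method | |
CN108989053B (zh) | Method for implementing an elliptic-curve-based certificateless public key cryptosystem | |
CN106506470B (zh) | Network data secure transmission method | |
CN105959269B (zh) | Identity-based authenticated dynamic group key agreement method | |
CN111835752A (zh) | Lightweight authentication method and gateway based on device identity | |
CN107659395B (zh) | Identity-based distributed authentication method and system for multi-server environments | |
CN108650227A (zh) | Handshake method and system based on the Datagram Transport Layer Security protocol | |
CN112104453B (zh) | Digital-certificate-based quantum-computing-resistant digital signature system and signature method | |
CN113572603B (zh) | Heterogeneous user authentication and key agreement method | |
CN112468490B (zh) | Authentication method for access of power grid terminal-layer devices | |
CN112039660B (zh) | Secure group identity authentication method for Internet of Things nodes | |
CN114710275B (zh) | Blockchain-based cross-domain authentication and key agreement method in the Internet of Things environment | |
CN114884698B (zh) | Consortium-blockchain-based cross-domain authentication method between Kerberos and IBC security domains | |
CN112087428A (zh) | Digital-certificate-based quantum-computing-resistant identity authentication system and method | |
CN115514474A (zh) | Trusted access method for industrial equipment based on cloud-edge-end collaboration | |
CN112564923B (zh) | Certificateless secure network connection handshake method | |
CN116599659B (zh) | Certificateless identity authentication and key agreement method and system | |
KR100456624B1 (ko) | Authentication and key agreement method in a mobile communication network | |
CN114070570B (zh) | Secure communication method for the power Internet of Things | |
CN114285546B (zh) | Heterogeneous signcryption communication method usable in vehicular ad hoc networks | |
CN116760530A (zh) | Lightweight authenticated key agreement method for power IoT terminals | |
CN112822018B (zh) | Bilinear-pairing-based mobile device security authentication method and system | |
CN116405195A (zh) | User authentication and key agreement method suitable for the Internet of Vehicles |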
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||