计算机工程与应用 ›› 2024, Vol. 60 ›› Issue (14): 283-293.DOI: 10.3778/j.issn.1002-8331.2304-0196

• 网络、通信与安全 • 上一篇    下一篇

轻量级的两方认证密钥协商协议

宋庆,马米米,邓淼磊,左志斌   

  1. 河南工业大学 信息科学与工程学院,郑州 450001
  • 出版日期:2024-07-15 发布日期:2024-07-15

Lightweight Two-Party Authentication Key Agreement Protocol

SONG Qing, MA Mimi, DENG Miaolei, ZUO Zhibin   

  1. College of Information Science and Engineering, Henan University of Technology, Zhengzhou 450001, China
  • Online:2024-07-15 Published:2024-07-15

摘要: 轻量级的两方认证密钥协商协议允许通信双方在公开信道上建立一个相同且安全的会话密钥。现有的认证协议难以满足轻量级的需求,同时多数轻量级协议仍存在某些安全问题。基于此,提出了一种基于身份的两方匿名轻量级逆向防火墙认证密钥协商协议。该协议在eCK模型下结合BAN逻辑被证明是安全的。协议提供匿名性、完美前向安全性、抗重放攻击、抗Dos攻击、抗中间人攻击。与其他轻量级认证协议对比发现,该协议具有更高的安全性和较短的运行时间,适用于资源受限设备。

关键词: 身份认证, 密钥协商, 逆向防火墙, 轻量级, eCK模型, BAN逻辑

Abstract: Lightweight two-party authentication key agreement protocols allow both communicating parties to establish an equal and secure session key over a public channel. Existing authentication protocols have difficulty in meeting the needs of lightweight, while most lightweight protocols have some security issues. For this reason, an identity-based two-party anonymous lightweight reverse firewall key agreement protocol is proposed. The protocol is proven to be secure under the eCK model in combination with BAN logic. The protocol provides anonymity, perfect forward security, resistance to replay attacks, resistance to Dos attacks, and resistance to man-in-the-middle attacks. Finally, when compared with other lightweight authentication protocols reveals, it is found to have higher security and shorter running time for resource-constrained devices.

Key words: authentication, key agreement, reverse firewall, lightweight, eCK model, BAN logic