Abstract: In this paper, the security of a wireless authentication and key agreement protocol(UAP) based on ECC signature scheme(ECDSA) is analyzed. the flaw is also pointed out: the security of the protocol relies on the secure preservation of Server’s private key. A new wireless authentication and key agreement protocol base on No-Inverse Elliptic curve digital signature scheme ,which is binding authentication session key and Server’s parameters is also proposed. The proposed protocol repairs the flaw of UAP protocol and improves the efficiency of Server. Furthermore it also meets the security requirements of wireless authentication and key agreement protocol.

Key words: Wireless Authentication, Key Agreement, Security, ECC , Non-inverse

摘要： 本文分析了一个基于椭圆曲线数字签名算法（ECDSA）的无线认证和密钥协商协议（UAP协议）的安全性，指出其安全缺陷：协议的安全性取决于服务器私钥的安全保存。使用无须求逆的椭圆曲线数字签名算法，同时将认证过程密钥和服务器参数绑定，给出了改进的无线认证和密钥协商协议，有效修复了UAP协议的缺陷，提高了服务器的使用效率，满足了无线认证和密钥协商协议的安全需求。

关键词: 无线认证, 密钥协商, 安全性, ECC , 非求逆