无线网络认证密钥交换协议研究

项目名称： 无线网络认证密钥交换协议研究

项目编号： No.60873197

项目类型： 面上项目

立项/批准年度： 2009

项目学科： 金属学与金属工艺

项目作者： 徐静

作者单位： 中国科学院软件研究所

项目金额： 28万元

中文摘要： 本项目主要对无线网络认证密钥交换协议的设计理论与分析方法进行了深入的研究，解决了当前存在的一些关键理论和技术问题。主要研究成果包括：1）首次建立了移动网络漫游场景下认证密钥交换协议的严格安全模型，针对匿名认证密钥交换协议提出了有效的攻击方法，设计了可证明安全的匿名认证密钥交换协议；2）对一类跨域口令认证密钥交换协议提出了新的分析方法，利用智能卡技术提出了设计跨域口令认证密钥交换协议的新方法并给出了一般性的构造框架；3）针对无线传感器网络的安全需求，设计了安全高效的轻量级密钥管理协议、数据融合协议，提出了移动传感器网络克隆攻击检测的新方法；4）发展了可信计算环境远程证明的设计方法，建立了合理的平台信任关系模型，提出了具有前向安全性质的匿名证明协议；5）发展了安全协议的分析方法，针对国家标准SM2 密钥交换协议提出了未知密钥共享攻击。 本项目发表论文19篇，其中SCI检索8篇，EI检索15篇，ISTP检索7篇。出版著作1部，起草国家标准2项。

中文关键词： 无线网络安全；认证密钥交换协议；可证明安全性

英文摘要： The research of this project mainly concentrates on design theory and analysis methods of authentication and key establishment protocols in wireless networks and series of central problems have been solved.Specifically, contributions of this project are as follows: 1)We introduced a formal security model suitable for roaming service in global mobility networks, pointed out some practical attacks on authentication protocols with anonymity for roaming, and proposed a generic construction with provable security; 2)We proposed some new cryptanalysis methods for cross-realm client-to-client password authenticated key agreement protocols, and proposed a generic construction framework from any secure smart card based password authentication protocols; 3)We proposed an efficient location-based compromise-tolerant key management scheme and a secure data aggregation scheme for wireless sensor networks,and employed a new authentication approach detecting node replication attacks; 4)We developed the designing theory of remote attestation protocols for trusted computing technology,and proposed an efficient and forward secure remote attestation protocol; 5)We developed the cryptanalysis method and showed that SM2 key exchange protocol is vulnerable to unknown key-share attacks. This project has published 19 papers, where 8 papers are indexed by SCI, 15 papers are indexed by EI and 7 papers are indexed by ISTP. It also has published one book, and has drafted two national standards.

英文关键词： wireless network security;authentication and key establishment protocol; provable security