移动互联网匿名认证协议的可证明安全及效率优化研究

项目名称： 移动互联网匿名认证协议的可证明安全及效率优化研究

项目编号： No.61202389

项目类型： 青年科学基金项目

立项/批准年度： 2013

项目学科： 计算机科学学科

项目作者： 姜奇

作者单位： 西安电子科技大学

项目金额： 26万元

中文摘要： 匿名认证是移动互联网安全体系的重中之重，直接影响其中的信息安全及用户隐私。移动互联网对匿名认证协议的安全性、效率均有很高的要求。而现有的安全协议往往不同程度上忽略了其中某一方面的要求，致使很多理论成果无法满足实际应用的需求。因此，本项目将研究同时使用口令和智能卡的双因子匿名认证协议，同时，兼顾安全性和效率以满足移动互联网的实际需求。首先，在通用可组合安全框架下，建立双因子匿名认证的分析模型；其次，在可证明安全模型中引入博弈论思想，寻找协议安全性和效率之间的最佳平衡点，对安全协议设计中如何权衡安全性和效率这一矛盾具有重要的理论和实际意义。最后，在上述理论和方法的指导下，设计适用于移动互联网的双因子匿名认证协议。本项目预期形成一套针对双因子匿名认证协议的可证明安全理论和兼顾安全性和效率的协议优化理论与方法，为移动互联网的健康发展提供更好的支撑。

中文关键词： 认证协议；隐私保护；匿名；密钥协商；通用可组合安全

英文摘要： Anonymous authentication is the top priority of the security architecture of mobile Internet, which has a direct impact on information security and user privacy. Mobile Internet has a high demand for anonymous authentication protocols in both security strength and efficiency. However, most existing security protocols fail to provide appropriate security and efficiency guarantee at the same time, and are unable to satisfy the requirements of practical applications. Therefore, we study two-factor anonymous authentication protocols using both passwords and smart cards, meanwhile, strike the balance between security and efficiency to cater for the practical requirements of mobile Internet. Firstly, the security model of two-factor anonymous authentication will be established in the universally composable security framework. Then, the concept of game theory is introduced in the provable security model to reveal the optimal tradeoff between security and efficiency, which is of great significance in both theory and practice to evaluate the contradiction between security and efficiency. Finally, with the guide of the above theories and approaches, we will design two-factor anonymous authentication protocols which are suitable for mobile Internet. It is expected to form a suite of provable security theory, and protocol o

英文关键词： Authentication protocol；Privacy protection；Anonymity；Key agreement；Universally composable security