基于区组设计和身份的容错性密钥协商协议研究

项目名称： 基于区组设计和身份的容错性密钥协商协议研究

项目编号： No.61300237

项目类型： 青年科学基金项目

立项/批准年度： 2014

项目学科： 自动化技术、计算机技术

项目作者： 沈剑

作者单位： 南京信息工程大学

项目金额： 23万元

中文摘要： 密钥协商协议参与者的增多给协议带来了巨大的安全挑战，尤其对协议的容错能力提出了很高的要求。容错性旨在识别协议中恶意参与者，并将其剔除，从而重新得到新的共同会话密钥。另一方面，协议参与者数量的动态变化也对协议的可扩展能力提出了要求。研究表明应用双线性映射的基于身份的加密技术可以构建具备容错能力的多方密钥协商协议。然而，该方法往往需要通过中央控制系统来提供容错能力，且不易动态扩展，协议的运行性能不高。本项目旨在提出一种新的容错性密钥协商协议：基于区组设计和身份的容错性密钥协商协议。主要研究内容和目标为1）将区组设计引入协议的构造中，形成分布式的多用户密钥协商模型，无需中央控制系统；2）在区组设计的基础上，加入安全的容错技术，以抵御差别密钥攻击；3）提供认证服务，确保用户之间的真实可靠性；4）设计可扩展技术，使得协议可以灵活地处理用户加入或退出；5）提高协议的运行性能，以降低计算开销和通信开销。

中文关键词： 区组设计；身份加密；容错性；可证安全；实体认证

英文摘要： The increment of the number of participants in the key agreement protocol brings huge security challenges. In particular, fault tolerant property is highly required, where the malicious participant can be identified and removed if malicious participants exist and subsequently a new common conference key can be established among the remaining honest participants. On the other hand, scalability is also required in order to deal with the change of the number of participants. Previous research shows that ID-based cryptography applying bilinear pairing can construct multi-user key agreement protocol with fault tolerant property. However, this method usually needs a centralized controller to provide the capacity of fault tolerant. In addition, it is difficult to provide the scalability and the performance is not good. In order to solve the above problems, this project develops a new key agreement protocol named ID-based fault tolerant key agreement protocol applying a block design. We first construct the ID-based key agreement protocol based on a block design and establish a decentralized multi-user key agreement model; Secondly, in order to resist the different key attack, we design the secure fault tolerant technique based on the structure of the block design; Thirdly, we provide the authentication service to makesu

英文关键词： block design；fault tolerant；identity-based encryption；provable security；authentication