| With the global development of information technology, people are enjoying more resources and better services while undertaking an increasing number of potential threats and various risks. Thus, how to achieve information security has become an urgent issue and attracted much attention. As a comprehensive application of security technology, authentication protocols are powerful methods to guarantee information security. A variety of authentication protocols have been widely deployed in both military and civilian applications. However, with the increasing requirements of security and the improvement of applications, more abundant and diverse demands are needed in authentication protocol.This dissertation focuses on the design and construction of new authentication protocols. Combined with various cryptosystems as well as specific application scenarios, several novel authentication protocols are proposed. The detailed analysis and constructions of new protocols are given in the corrsepongding chapters. The dissertation consists of the following five aspects:1. Present two kind of authentication protocols based on aggregate signatures. Firstly, a new certificateless aggregate signature scheme is constructeded to reduce the pairing operations in verify phase. Security analysis shows our scheme is provably secure in the random oracle model. Secondly, we present an identity privacy-preserving public auditing scheme based on aggregate authentication sub-technology for secure mobile cloud storage. The scheme can safely authenticate the integrity for the data stored in cloud server and keep the advantage properties such as low complexity, data dynamically update etc.2. Study secure medical data storage solutions in the electronic health networks. The security of an existing fair remote retrieval(FRR) scheme is analyzed, we give two concrete attacks to demonstrate that the FRR scheme cannot achieve the claimed security level. Subsequently, an improved scheme is presented with security and performance analysis. The result shows that the enhanced scheme is safe and could efficiently authenticate the integrity of the outsourced private medical records in the electronic health networks.3.Automatic dependent surveillance-broadcast(ADS-B) systems are now on track to replace radar to become the backbone of next-generation air traffic management systems. However, the authentication for ADS-B messages has not yet been well studied. Based on identity-based signature with message recovery(IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages. The performance evaluation shows that the scheme is computationally efficient for avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.4.With the evolution of traditional power grids into smart grids, third-party service providers(SPs) are required to help in service provision. However, authentication for multiple third-party SPs has not been well studied in smart grids. In this part, we model the third-party service provision in smart grids for the first time. Furthermore, we propose an efficient authentication scheme for multiple third-party SPs. Security analysis shows that our scheme can achieve all desirable security goals. Performance evaluation demonstrates that our scheme is suited for smart meters with limited resources, and each user only needs to do one registration for multiple SPs thus it has low communication overhead.5. Investigate authenticated encryption schemes as well as encryption algorithm which can be used in authentication protocols. Firstly, we give an improvement of Hwang et.al’s authenticated encryption scheme. The enhanced scheme not only addresses the security issues of the original scheme, but also maintains its merits. Secondly, we study homomorphic encryption algorithm and propose an efficient scheme to compute the inner product on encrypted data using the homomorphic encryption based on the ring learning-with-errors(RLWE) problem. The scheme can be used as a basic cryptography module to built some authentication protocols(such as biometric authentication).
|
PDF Full Text Request