Research On Authentication Protocols With Special Properties And Their Applications

With social information-based developing of process, the role of computer networks and information systems in social life is becoming important. But attendant information security problems are more and more prominent. Literally but also essentially, how to protect security of information system is the critical issue of information security. Cryptography, the discipline aiming to study secure communication problem, is the core technology of information security in network communications. It often produces counterfeiting, forgery and other events in cyberspace communication process. Authentication is a technology which ensures the authenticity of user identity and information content, and is also fundamental to ensure cyberspace communication security. In recent years, how to design secure and high-efficient authentication protocol has been receiving a lot of attention and becomes the core and frontier topic of information security discipline. Therefore, it is of considerably important academic value and practical significance to study secure authentication protocols.In this thesis, we investigate the design of authentication protocols. Our proposed protocols can improve performance compared with some existing related protocols, and some authentication protocols in this paper have high-efficient practical applications in electronic medical information systems. Deniable authentication is a special authentication in these protocols. Compared with traditional authentication, deniable authentication allows the assigned receiver to identify the source of a given message, but the assigned receiver cannot prove the source of a given message to any third party. These characteristics makes deniable authentication to be applied in some privacy scenarios. The main research works in this paper are as follows:1. Research on certificateless deniable authentication protocol.(1) We design a certificateless deniable authentication protocol using bilinear pairings with provable security, which both can solve the public key certificates complex management problem in deniable authentication based on PKI cryptography and can solve the key escrow problem in deniable authentication based on identity cryptography.(2) We propose a certificateless deniable authentication protocol without pairings. In this protocol, we do not utilize time-consuming pairing operations, which reduces the computational cost greatly. Meanwhile, this protocol can be well applied in actual scenarios, such as E-mail, electronic voting and electronic tendering.(3) We design a certificateless aggregate deniable authentication protocol with provable security. In this protocol, there exists an efficient algorithm to aggregate n deniable authenticator on n messages from n users into a single deniable authenticator. The resulting aggregate deniable authenticator can convince a receiver that the n users indeed authenticate the n corresponding messages. Therefore, we can greatly reduce the computational cost by using the aggregate deniable authentication.2. Research on identity-based deniable threshold ring authentication protocol. In order to further expand the function of deniable authentication protocol, we construct an identity-based deniable threshold ring authentication protocol. In this protocol, the verifier is able to generate an authenticator that is indistinguishable from an authenticator generated by t users in the ring members in probabilistic polynomial time. At the same time, our protocol admits formal security in the random oracle model under the bilinear Diffie-Hellman(BDH) problem.3. Research on an identity-based deniable authenticated encryption protocol. We design an identity-based deniable authenticated encryption protocol. In order to reduce computational cost and communication overhead, we adopt similar signcryption technology. Our protocol has the least communication overhead. Meanwhile, our protocol has the indistinguishability against adaptive chosen ciphertext attacks(IND-CCA) under the decisional bilinear Diffie-Hellman(DBDH) problem and deniable authentication against adaptive chosen message attacks(DA-CMA) under the BDH problem in the random oracle model.4. Research on RFID mutual authentication protocols which is based on elliptic curve cryptography.(1) Based on elliptic curve cryptography, we design a mutual authentication protocol which applies to RFID system. In this protocol, the tag’s identification can be well protected, which ensures the tag’s anonimity. The server can verify tag’s identification only through simple operations and does not need exhaustive search. In addition, our protocol can satisfy confidentiality, mutual authentication, availabvility, forward security and scalability. Meanwhile, our protocol can resist replay attack, tag impersonation attack and server phishing attack and so on.(2) Based on outsourcing technology, we propose a RFID mutual authentication protocol with outsourcing function using elliptic curve cryptography. In a RFID system, due to the limited computational capabilities of tag, the issuer outsources time-consuming computation in tag to a trusted third party, while tag only performs some simple calculations. In addition, our protocol utilizes similar signcryption technology, which both ensures the confidentiality of tag’s identification, and guarantees the mutual authentication between tag and server.