Font Size: a A A

Study On Theory And Applications Of Identity-Based Authentication Protocols

Posted on:2009-05-16Degree:DoctorType:Dissertation
Country:ChinaCandidate:X F CaoFull Text:PDF
GTID:1118360272965568Subject:Communication and Information System
Abstract/Summary:PDF Full Text Request
Authentication is a basic guarantee for information security. As an asymmetric au-thentication framework, Identity-Based Cryptosystem (IBC) is advantageous to the tra-ditional Public Key Cryptosystem (PKC) in the former's abolishment of the public keycertificate, and hence becomes a powerful alternative of PKC. The research on identity-based (ID-based) authentication protocol has importance in both theory and application.This dissertation investigates the ID-based authentication in both theoretical andapplicational aspects. We first study ID-based authentication protocols under two fun-damental authentication models, i.e., Client-server model and Client-client model. Thenbased on those theoretical results, we study ID-based authentication protocols in di?erentapplication scenarios. The authors obtain results as follows:1. An ID-based remote authentication protocol with user anonymity is presented. Theprotocol combines a newly-proposed ID-based signature algorithm and a novel con-cept of user account index, which makes the protocol realize authenticity, useranonymity and non-repudiation. Compared with previous protocols, the new proto-col reduces at least 24.7% of user running time and 46.3% of signalling tra?c. Thesecurity proof is given under the random oracle model.2. Two pairing-free ID-based authenticated key agreement (ID-AK) protocols are pro-posed based on additive elliptic curve group. Protocol I utilizes the Divisible Com-putational Di?e-Hellman problem and realizes for the first time the implicit ID-based authentication without pairing; Protocol II utilizes the Computational Di?e-Hellman problem and minimizes the message exchange round time. The securityof the proposed protocol can be proved in the random oracle model. Both pro-posals achieve strong security and can provide the authenticated key agreementbetween users of di?erent administrative domains. Moreover, the proposals elimi-nate the pairing operations, which makes them the most e?cient ID-AK protocolsever known.3. Two ID-based Mobile IP registration protocols are proposed. Protocol I is based onthe ID-AK protocol proposed in Chapter 4; Protocol II is based on the time-invariantsecurity association to achieve the security-e?ciency trade-o?. Both protocols elim-inate the key escrow with the blind signature, and remove the security associationtable with hash function. Compared with previous protocols, the proposed protocolsreduce at least 19.4% of registration delay and 11.6% of signalling tra?c, providingboth strong security and improved e?ciency. 4. IMBAS, an ID-based Multi-user Broadcast Authentication Scheme is proposed forwireless sensor networks (WSN). The protocol employs a newly proposed pairing-free ID-based signature with reduced signature size and the Schnorr signature withpartial message recovery, and becomes the first protocol that provides all of strongsecurity, sound scalability and e?ciency for the multi-user broadcast authenticationin WSN.5. That a presented proposal of e?cient certificateless signature scheme is insecureagainst public key replacement attack is demonstrated. It is shown that an adversarywho replaces the public key of a signer can forge valid signatures for the signerwithout knowledge of the signer's private key. Then the scheme is improved, theimproved scheme is proven secure against existential forgery in the random oraclemodel.
Keywords/Search Tags:identity-based, authentication, elliptic curve, bilinear pairing, ran-dom oracle model
PDF Full Text Request
Related items