Research And Design On Some Security Authentication Protocols

With the rapid development of information and network technology, the information network has been applied in government,military affairs,science research,commerce and finance, and plays a very important role in our society. At the same time, how to effectively keep the security of the information which was transported in network has become more and more concerned. The secure authentication protocol based on cryptography is a valid technology to solve the problem, and is the core of information security techniques. The secure authentication protocol could be widely used in E-commerce and E-government. Therefore, our point in this thesis is to study and design some secure authentication protocols with provably security in multi-domain authentication,anonymous authentication,fast authentication key agreement and certificateless authentication. Our main achievements are as follows:(1) Considered the especial requirements in multi-domain environment where the users used different authentication frameworks in different domains, first, an authentication protocol for the multi-domain was proposed with public encryption and message authentication code. The security analysis of the proposed protocol in the implementation plan with the CK model was presented. Moreover, entity authentication for cross-domain and other secure properties were supported in the protocol. The proposed protocol was secure and could achieve the security requirements. Second, based on the first proposed protocol, an improved protocol with timestamp was proposed, which was also provably security in CK mode. At last, the implementations of the protocols were analyzed, and they could be efficient authentication methods between the networks which use the different authentication frameworks.(2) Considered the especial requirements of the authentication protocol between the roaming users and the visited networks, first, an ID-based universal authentication protocol with anonymity was proposed by the bilinearity and non-degeneration of pairings. The security of authentication and anonymity was analyzed in detail. Especially, the anonymous security was analyzed by formal approach under the unauthenticated-links adversarial model. The proposed scheme could not only achieve authentication securely but also has a secure anonymity. Second, considered the characteristics of the mobile communication network, an improved protocol was proposed based on the first proposed protocol, which was also provably security in authentication and anonymity, and need lower computation cost. At last, the implementations of the protocols were analyzed.(3) Based on public key encryption and message authentication code technology, a fast authentication key agreement protocol for wireless network was proposed. The security analysis of the proposed protocol in the implementation plan with the CK model was presented. The results show that the proposed protocol is session-key secure with perfect forward secrecy. Moreover,The implementation of the protocol was just twice communications and twice operation of public key encryption. The protocol could satisfy the characteristics of wireless equipment and could be utilized as a complementary plan to the current authentication protocol in wireless network.(4) Based on symmetrical encryption and signature, an efficient authentication key agreement protocol was proposed. The security analysis of the proposed protocol in the implementation plan with the CK model was presented. The results showed that the proposed protocol was session-key secure with perfect forward secrecy, known key security and no key compromise Impersonation. Moreover, the implementation of the protocol was just twice communications, once signature operation and once symmetrical encryption operation.(5) Based on Discrete-Logarithm, a certificateless signcryption scheme without using the bilinear pairings was proposed. The proposed scheme was proved to be secure in the random oracle model, assuming the Compute Diffle-Hellman problem and Discrete-Logarithm problem is hard. At the same time, based on the proposed scheme, a certificateless authentication key agreement protocol without using the bilinear pairings was proposed, which was provably security in CK mode. At last, the implementations of the protocols were analyzed.