Design And Research Of Elliptic Curve Based Authenticated Key Agreement Protocol In Multi-server Environment

Elliptic curve arithmetic theory has a wide range of applications in cryptography.Elliptic curve based public key cryptography has gradually replaced RSA as the most popular public key cryptography in the world.Elliptic curve cryptography is currently the public key cryptography with the strongest single-bit security strength.Compared with other public key cryptography,it requires shorter key length and operates with faster calculation speed on the same security level.The elliptic curve based cryptogra-phy research is one of the mainstream cryptography research directions.The cryptographic protocol is an important branch of cryptography research.As a part of the cryptographic protocol,the authenticated key agreement protocol has been widely applied in practice.It uses the cryptographic algorithms as the basis to realize both the authentication and key agreement functions,and is an important basic technical mean to ensure network security.With the in-depth development of wireless network technology,various network applications have also emerged.Designing a secure and effective authenticated key agreement protocol for different network application environment is an ongoing research topic.This paper mainly studies the elliptic curve based authenticated key agreement protocol in multi-server environment,and designs the corresponding three-factor authenticated key agreement protocol according to the network architectures of different application environment.Concretely,(1)An elliptic curve based three-factor authenticated key agreement protocol is de-signed for Telecare Medicine Information System.In the network architecture adopted by the protocol,authentication and key agreement between users and dis-tributed servers requires a central server to participate in the whole processes.By the BAN logic and heuristic security analysis method,the protocol is confirmed to have comprehensive security features,enabling mutual authentication and key a-greement,user anonymity,forward secrecy and resistance to various known attacks.Moreover,in this protocol,the system private key held by the central server does not need to be shared with each distributed server,thereby further enhancing the system security.(2)For the general multi-server application environment,this paper proposes a new and more general elliptic curve based authenticated key agreement protocol,and proves that the protocol can achieve mutual authentication and key agreement through BAN logic,and its comprehensive security features are further confirmed through heuristic security analysis.Moreover,in the network architecture adopted by this protocol,the registration center does not need to participate in the subsequent key agreement processes between the user and the distributed server after completing the authentication of the user,which can greatly reduce the amount of computation and traffic in the authentication and key agreement processes,and thereby the efficiency advantage of the scheme is enhanced.(3)It reveals that the authentication scheme proposed by Wazid et al.for the smart grid system has serious security vulnerabilities and design defects,i.e.,any adversary can impersonate a smart meter to negotiate a session key with a user,and the trusted authority knows all registered users individual secrets and all smart meters share the same secret parameter for authentication.In order to eliminate these security vulnerabilities and design flaws,this paper designs an improved solution which implements mutual authentication and key agreement,supports user anonymity and forward secrecy,and is resistant to various known attacks.Moreover,its security is formally proved in the random oracle(RO)model.