Research On Identity Based Authentication And Key Agreement Protocol

With the development and deployment of various wireless networks, heterogeneous network seamless integration is the developing direction definitely in the future, providing the ability of access the network any where, any time. However, the open character of the wireless network environment and the networks integration increase the potential threat to the information security greatly. Sound authentication and key agreement scheme can guarantee the network information security.Most two party key agreement protocols don't meet the computational and security requirements of roaming between different networks; the tripartite protocols don't satisfy the asymmetric computational environment in wireless network. And these schemes also have some shortage in security and performance in prior literatures, e.g. adequate security property and basic security requirements and formal analysis.This dissertation mainly studies the identity based authentication and key agreement for heterogeneous integrated network, and proves the security with formal analysis methods. The main contribution of the thesis is as follows:1. Based on the study on the provable secure formal analysis methods of authentication and key agreement, this paper extends the provable secure enhanced Canetti-Krawczyk(eCK) model. According to the character of the authority private key generator (PKG) in the ID-based authentication and key agreement, the adversary abilities are extended to reveal the master key of the PKG, ensuring the forward secrecy of the PKG in the protocols.2. For the mobile station roaming between the heterogeneous networks, which belong to different PKG or domains, this paper presents a provable secure authentication and key agreement protocol based on bilinear pairing, bilinear Diffie-Hellman and Computational Diffie-Hellman assumption. The scheme utilizes the two session entities'ephemeral key, public key and the public key of PKGs to agree the session key. The formal analysis based on the model mentioned above proves that the scheme satisfies the security requirements such as known key security, key compromise impersonation resilience, perfect forward secrecy, PKG forward secrecy etc.3. This paper proposes an identity based tripartite authentication and key agreement protocol which adapts to the security requirements and the asymmetric computation ability between the mobile station and the server. The scheme can achieve the key escrow and escrowless functions by the ephemeral key, according to the legal requirements and personal information secrecy demand respectively. The formal analysis with BAN logic proves that the protocol can achieve the session key in security. The final security analysis and performance comparison show the advantage in security and efficiency.