The Research Of Authentication And Key Exchange Mechanism For Wireless Communication

With the rapid growth of mobile intelligent devices and communication services,various wireless access technologies are integrated into the heterogeneous wireless networks which can provide greater convenience for our daily life.However,the open wireless network is vulnerable for malicious attacks,so it is urgently necessary that researchers design secure schemes to ensure the security for the wireless communication environment.In order to realize the security of the wireless communication,a scheme not only needs to ensure the confidentiality and integrity of the transmitted information during the communication process,what’s more,it is assured that identities of these participants are reliable before the secret communication.The authentication and key exchange(AKE)mechanism is the main way to guarantee its security now.Under the aid of the secure and efficient AKE protocol,mutual authentication is realized,and the session key is negotiated to encrypt the subsequent communications.Meantime,by the difficult assumption and the security model,the security property can be proved.On the other hand,for the performance requirement of the high reliability and low latency,it is necessary to decrease the computation overhead of communication entities and reduce the times of the interaction.In the heterogeneous wireless networks,when a mobile user roams into a foreign domain,a secure and efficient handover AKE protocol needs to be implemented between the user and the foreign server to construct the secure roaming.However,an authencation and key exchange scheme with the public key infrastructure(PKI)exists the complex maintain and management of certificates,and there is the high computation overhead in a scheme with the pairing identity-based cryptosystem.Moreover,it is difficult for some schemes to resist key-compromise impersonation attack and ephemeral private key leakage attack and so on,and the lack of provable security analysis results that the secure roaming is difficult to ensure.In addition,based on the mobile Internet with multiple wireless access technologies,new information technologies including Internet of Things and cloud computing are applied to the filed of the transportation system,so the vehicular ad hoc network(VANET)is generated to attract more and more attentions.The secure interconnection is realized by an AKE protocol among vehicles and roadside infrastructur es,vehicles and cloud servers,and the privacy protection is provided by temporary identity to avoid being tracked.However,with the change of the temporary identity,vehicles’ static public keys and private keys need to be regenerated in existing schemes,thus the system suffers from the huge burden.For passengers’ secret service requests,there are some security weaknesses in some schemes,which result that unauthorized vehicles can enjoy other vehicles’ confidential services.Meanwhile,the proposed batch authentication schemes use bilinear pairings of the high computation cost or many scalar multiplication operations over an elliptic curve group,so these schemes’ performance is degraded.In this paper,a handover AKE protocol in the heterogeneous wireless networks and a batch AK E scheme in the VAN ET are mainly researched.The research content is as follows:(1)The used math theory and cryptography technology are briefly reviewed,including difficult problem assumptions,bilinear pairing knowledge,provable security theory and so on,and requirements of the AK E design and security are introduced in this paper.(2)Aiming at the high computation overhead and the difficulty of some attacks’ resistance in the existing handover AK E schemes for the heterogeneous wireless networks,a secure and efficient handover AK E protocol with anonymity in the heteroge neous wireless networks is proposed.In our scheme,the anonymity is satisfied by the temporary identity to avoid being tracked,and our identity-based scheme avoids the complex management of certificates and impoves the efficiency via eliminating pairing operations.Moreover,in order to resist the ephemeral private key leakage attack,the session key is generated from the static private keys and the ephemeral private keys together.Finally,our protocol is provably secure under the eCK model and the CDH assumption.(3)Aiming at the low efficiency and frequent updates of vehicles’ public keys and private keys in the existing AKE schemes for VANET,a certificateless aggregate signature AKE scheme with anonymity in VANET is proposed.By using the pairing-free aggregate signature technology,the number of signatures and the computation cost of the server are decreased in this scheme.Meantime,the privacy protection of vehicles and anonymity authtentication are realized by the temporary identity and pre-signature,and by constructing the index database of the temporary identity,the suspected vehicles can be tracked by the trust authority,so the condition anonymity is satisfied.Moreover,even if the temporary identity is changed,it is not necessary to update vehicles’ static public keys and private keys,thus the cost of system is reduced.Finally,the security of our scheme is proved by the model of certificateless aggregate signature and the eCK model.