| With the maturity of cloud computing technology in terms of security,stability,and efficiency,a large number of services have been migrated to the cloud platform.To facilitate users to access services in the public network and protect the privacy of communication,the mutual authentication and key agreement(MAKA)protocols of the multi-server architecture have received extensive attention.Based on the identity cryptosystem,we focuse on how to protect privacy and information security when communicating.Analyze the problems that the MAKA protocol needs to pay attention to when designing.At the same time,it is studied how to reduce the communication burden of various participants in designing such protocols,and how to embed mathematical difficulties to ensure the security of the protocols.The specific work is as follows:The MAKA protocol of multiple registration centers is designed: The analysis found that a large number of MAKA protocols are currently unable to resist some new types of attacks,such as ephemeral secret leakage(ESL)attacks and registration center disclosure registration information(RCDRI)attacks,and do not have an efficient revocation mechanism.In addition,almost all MAKA protocols are based on an registration center(RC),which is undoubtedly a huge challenge for RC stability and efficiency.Based on the above problems,this paper proposes a MAKA protocol with multiple registration centers in combination with self-certified public key(SCPK)cryptography,which has a dynamic revocation mechanism and is resistant to the above-mentioned new attacks.Based on the Diffie-Hellman mathematical difficulty hypothesis,this paper gives the security proof of the protocol in the random oracle model.Since the proposed protocol does not involve bilinear pairing operations,it has a great advantage in terms of execution efficiency compared to previous protocols of the same type.A three-factor MAKA protocol is designed.Since the existing three-factor MAKA protocols almost do not provide formal security proof,which makes the related protocols vulnerable to various attacks.On the other hand,many three-factor MAKA protocols have high communication costs and are not suitable for large-scale applications.Furthermore,a large number of three-factor MAKA protocols do not have dynamic revocation mechanism,resulting in malicious users can not be revoked in time.In order to solve these shortcomings,this paper proposes a provable,dynamically revocable three-factor MAKA protocol,which uses Schnorr signature to implement dynamic management of users and provides formal security proof in the random oracle model.Security analysis shows that the protocol can meet various security needs in a multi-server environment.Performance analysis shows that the solution is suitable for resource-constrained smart devices.The simulation implementation illustrates the technical feasibility of the protocol. |
PDF Full Text Request