Please use this permanent URL to cite or link to this item:
https://nccur.lib.nccu.edu.tw/handle/140.119/158798
Title: | 新型輕量化之後量子基於身份認證金鑰交換協議 (A new post-quantum identity-based lightweight authenticated key exchange protocol) |
Author: | Lin, Hsin-Yi (林欣怡) |
Contributors: | Tso, Raylin (左瑞麟); Lin, Hsin-Yi (林欣怡) |
Keywords: | Identity-based cryptography; Lightweight; Authenticated key exchange; Lattice-based cryptography; Provable security |
Date: | 2025 |
Uploaded: | 2025-08-04 16:15:20 (UTC+8) |
Abstract: | With the steady advancement of quantum computing capabilities, many existing number-theoretic key exchange protocols are becoming increasingly insecure. Consequently, the demand for secure authenticated key exchange (AKE) protocols continues to grow, especially in application scenarios such as the Industrial Internet of Things (IIoT), unmanned aerial vehicle (UAV) communication, mobile devices, and smart cards, which require both identity authentication and a lightweight design.
One representative solution is the PiLike protocol, which integrates lattice-based hard problems with identity-based key generation to construct a lightweight identity-based AKE scheme. Although PiLike comes with a formal security analysis, our prior cryptanalytic work identified a critical impersonation vulnerability in its key extraction phase: a legitimate user can forge private keys for arbitrary identities from its own registration information, pass verification, and establish session keys.
Building on this finding, this thesis proposes a new lattice-based identity-based authenticated key exchange protocol that balances security and lightweight performance. The proposed scheme is proven secure under both the standard model and the random oracle model (ROM), providing authenticated key exchange (AKE) and mutual authentication (MA) guarantees. We also implement the protocol and evaluate its performance. The results show that our protocol achieves computational efficiency similar to PiLike while significantly enhancing resistance to impersonation attacks. This research contributes to the practical development of secure, lightweight identity-based key exchange protocols for post-quantum, resource-constrained environments. |
References: |
[1] T. Borgohain, U. Kumar, and S. Sanyal, "Survey of security and privacy issues of internet of things," arXiv:1501.02211 [cs], Jan. 9, 2015.
[2] M. Ammar, G. Russello, and B. Crispo, "Internet of things: A survey on the security of IoT frameworks," Journal of Information Security and Applications, vol. 38, pp. 8–27, Feb. 2018.
[3] X. Li, J. Niu, M. Z. A. Bhuiyan, et al., "A robust ECC-based provable secure authentication protocol with privacy preserving for industrial internet of things," IEEE Transactions on Industrial Informatics, vol. 14, no. 8, pp. 3599–3609, Aug. 2018.
[4] X. Pan, Y. Jin, and F. Li, "An efficient heterogeneous authenticated key agreement scheme for unmanned aerial vehicles," Journal of Systems Architecture, vol. 136, p. 102821, Mar. 2023.
[5] J. Cui, F. Cheng, H. Zhong, et al., "Multi-factor based session secret key agreement for the industrial internet of things," Ad Hoc Networks, vol. 138, p. 102997, Jan. 2023.
[6] R. Amin and G. P. Biswas, "Cryptanalysis and design of a three-party authenticated key exchange protocol using smart card," Arabian Journal for Science and Engineering, vol. 40, no. 11, pp. 3135–3149, Nov. 2015.
[7] K. Seyhan, N. T. Nguyen, et al., "Bi-GISIS KE: Modified key exchange protocol with reusable keys for IoT security," Journal of Information Security and Applications, vol. 58, p. 102788, 2021.
[8] T. A. Idriss, H. A. Idriss, and M. A. Bayoumi, "A lightweight PUF-based authentication protocol using secret pattern recognition for constrained IoT devices," IEEE Access, vol. 9, pp. 80546–80558, 2021.
[9] M. Kaveh, S. Aghapour, D. Martin, and M. R. Mosavi, "A secure lightweight signcryption scheme for smart grid communications using reliable physically unclonable function," in 2020 IEEE International Conference on Environment and Electrical Engineering and 2020 IEEE Industrial and Commercial Power Systems Europe (EEEIC / I&CPS Europe), Jun. 2020, pp. 1–6.
[10] F. Zerrouki, S. Ouchani, and H. Bouarfa, "T2S-MAKEP and T2T-MAKEP: A PUF-based mutual authentication and key exchange protocol for IoT devices," Internet of Things, vol. 24, p. 100953, Dec. 2023.
[11] W. Diffie and M. Hellman, "New directions in cryptography," IEEE Transactions on Information Theory, vol. 22, no. 6, pp. 644–654, Nov. 1976.
[12] D. S. Gupta and G. P. Biswas, "An ECC-based authenticated group key exchange protocol in IBE framework," International Journal of Communication Systems, vol. 30, no. 18, e3363, 2017.
[13] J. Kar and B. Majhi, "A secure two-party identity-based key exchange protocol based on elliptic curve discrete logarithm problem."
[14] P. Shor, "Algorithms for quantum computation: Discrete logarithms and factoring," in Proceedings of the 35th Annual Symposium on Foundations of Computer Science, 1994, pp. 124–134.
[15] M. Ajtai, "Generating hard instances of lattice problems (extended abstract)," in Proceedings of the Twenty-Eighth Annual ACM Symposium on Theory of Computing (STOC '96), New York, NY, USA: ACM, 1996, pp. 99–108.
[16] S. Wang, Y. Zhu, D. Ma, and R. Feng, "Lattice-based key exchange on small integer solution problem," Science China Information Sciences, vol. 57, no. 11, pp. 1–12, Nov. 2014.
[17] H. Debiao, C. Jianhua, and H. Jin, "An ID-based client authentication with key agreement protocol for mobile client–server environment on ECC with provable security," Information Fusion, vol. 13, no. 3, pp. 223–230, Jul. 2012.
[18] D. S. Gupta, "PiLike: Post-quantum identity-based lightweight authenticated key exchange protocol for IIoT environments," IEEE Systems Journal, vol. 18, no. 1, pp. 15–23, Mar. 2024.
[19] H.-Y. Hsu, H.-Y. Lin, R. Tso, T. H. Chang, and J.-C. Hsu, "Cryptanalysis of PiLike: An impersonation attack on the lightweight identity-based authenticated key exchange protocol using bi-ISIS," in 2024 19th Asia Joint Conference on Information Security (AsiaJCIS), Tainan, Taiwan: IEEE, Aug. 2024, pp. 9–16.
[20] A. Shamir, "Identity-based cryptosystems and signature schemes," in Advances in Cryptology, G. R. Blakley and D. Chaum, Eds., Berlin, Heidelberg: Springer, 1985, pp. 47–53.
[21] S. Agrawal, D. Boneh, and X. Boyen, "Efficient lattice (H)IBE in the standard model," in Advances in Cryptology – EUROCRYPT 2010, H. Gilbert, Ed., Berlin, Heidelberg: Springer, 2010, pp. 553–572.
[22] A. Fiat and A. Shamir, "How to prove yourself: Practical solutions to identification and signature problems," in Advances in Cryptology – CRYPTO '86, A. M. Odlyzko, Ed., Berlin, Heidelberg: Springer, 1987, pp. 186–194.
[23] D. Boneh and M. Franklin, "Identity-based encryption from the Weil pairing," in Advances in Cryptology – CRYPTO 2001, J. Kilian, Ed., Berlin, Heidelberg: Springer, 2001, pp. 213–229.
[24] C. G. Günther, "An identity-based key-exchange protocol," in Advances in Cryptology – EUROCRYPT '89, J.-J. Quisquater and J. Vandewalle, Eds., Berlin, Heidelberg: Springer, 1990, pp. 29–37.
[25] L. Chen and C. Kudla, "Identity based authenticated key agreement protocols from pairings," in 16th IEEE Computer Security Foundations Workshop, Jun. 2003, pp. 219–233.
[26] L. Chen, Z. Cheng, and N. P. Smart, "Identity-based key agreement protocols from pairings," 2006.
[27] N. McCullagh and P. S. L. M. Barreto, "A new two-party identity-based authenticated key agreement," in Topics in Cryptology – CT-RSA 2005, A. Menezes, Ed., Berlin, Heidelberg: Springer, 2005, pp. 262–274.
[28] Q. Yuan and S. Li, "A new efficient ID-based authenticated key agreement protocol," 2005.
[29] Y. Wang, "Efficient identity-based and authenticated key agreement protocol," in Transactions on Computational Science XVII, M. L. Gavrilova and C. J. K. Tan, Eds., Berlin, Heidelberg: Springer, 2013, pp. 172–197.
[30] M. Hou and Q. Xu, "A secure ID-based explicit authenticated key agreement protocol without key escrow," in 2009 Fifth International Conference on Information Assurance and Security, vol. 1, Aug. 2009, pp. 487–490.
[31] G. Yao, H. Wang, and Q. Jiang, "An authenticated 3-round identity-based group key agreement protocol," in 2008 Third International Conference on Availability, Reliability and Security, Mar. 2008, pp. 538–543.
[32] C. Boyd, W. Mao, and K. G. Paterson, "Key agreement using statically keyed authenticators," in Applied Cryptography and Network Security, M. Jakobsson, M. Yung, and J. Zhou, Eds., Berlin, Heidelberg: Springer, 2004, pp. 248–262.
[33] S. Wang, Z. Cao, and K.-K. R. Choo, "New identity-based authenticated key agreement protocols from pairings (without random oracles)," 2006.
[34] L. Ni, W. Gu, H. Zhou, and Y. Zhang, "A new post-quantum identity-based authenticated key agreement mechanism for TLS handshake," in 6th International Conference on Information Science, Computer Technology and Transportation (ISCTT 2021), Jan. 2021, pp. 1–8.
[35] O. Regev, "On lattices, learning with errors, random linear codes, and cryptography."
[36] C. Peikert, "Lattice cryptography for the internet," in PQCrypto 2014, 2014.
[37] D. Micciancio, "Generalized compact knapsacks, cyclic lattices, and efficient one-way functions," Computational Complexity, vol. 16, no. 4, pp. 365–411, Dec. 2007.
[38] D. Micciancio and C. Peikert, "Trapdoors for lattices: Simpler, tighter, faster, smaller," 2011.
[39] D. S. Gupta and G. P. Biswas, "Design of lattice-based ElGamal encryption and signature schemes using SIS problem," Transactions on Emerging Telecommunications Technologies, vol. 29, no. 6, e3255, 2018.
[40] D. S. Gupta and G. P. Biswas, "A novel and efficient lattice-based authenticated key exchange protocol in C-K model," International Journal of Communication Systems, vol. 31, no. 3, e3473, 2018.
[41] R. Canetti and H. Krawczyk, "Analysis of key-exchange protocols and their use for building secure channels," in Advances in Cryptology – EUROCRYPT 2001, B. Pfitzmann, Ed., Berlin, Heidelberg: Springer, 2001, pp. 453–474.
[42] J. Bos, C. Costello, L. Ducas, et al., "Frodo: Take off the ring! Practical, quantum-secure key exchange from LWE," in ACM CCS 2016, 2016.
[43] E. Alkim, L. Ducas, T. Pöppelmann, and P. Schwabe, "Post-quantum key exchange – a new hope," in USENIX Security 2016.
[44] J. Bos, L. Ducas, E. Kiltz, et al., "CRYSTALS – Kyber: A CCA-secure module-lattice-based KEM," in 2018 IEEE European Symposium on Security and Privacy (EuroS&P), Apr. 2018, pp. 353–367.
[45] K. Xagawa, "Anonymity of NIST PQC round 3 KEMs," in Advances in Cryptology – EUROCRYPT 2022.
[46] S. H. Islam and S. Zeadally, "Provably secure identity-based two-party authenticated key agreement protocol based on CBi-ISIS and bi-ISIS problems on lattices," Journal of Information Security and Applications, vol. 54, p. 102540, Oct. 2020. |
Description: | Master's thesis, National Chengchi University, Master's Program in Information Security, 112791010 |
Source: | http://thesis.lib.nccu.edu.tw/record/#G0112791010 |
Type: | thesis |
Appears in collections: | [Master's Program in Information Security] Theses
Files in this item:
File | Description | Size | Format | Views
101001.pdf | | 1076 KB | Adobe PDF | 0
All items in the NCCU Institutional Repository are protected by the original copyright.