欢迎访问中国科学院大学学报,今天是

中国科学院大学学报 ›› 2013, Vol. 30 ›› Issue (4): 547-554.DOI: 10.7523/j.issn.2095-6134.2013.04.017

• 计算机科学 • 上一篇    下一篇

基于IPv6的P2P-SIP可证明安全无证书匿名通信协议

张格非, 张玉清   

  1. 中国科学院大学国家计算机网络入侵防范中心, 北京 100049
  • 收稿日期:2012-07-20 修回日期:2013-01-21 发布日期:2013-07-15
  • 通讯作者: 张格非
  • 基金资助:

    国家自然科学基金(60970140);北京市自然科学基金(4122089)资助 

Provably secure certificateless anonymous authentication protocol for P2P-SIP based on IPv6

ZHANG Ge-Fei, ZHANG Yu-Qing   

  1. National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 100049, China
  • Received:2012-07-20 Revised:2013-01-21 Published:2013-07-15

摘要:

依照下一代网络协议的发展趋势,分析IETF提出的SIP协议和P2P网络结合的P2P-SIP网络的特点,针对其优势和不足提出一个基于椭圆曲线算法并适用于IPv6的P2P-SIP无证书匿名通信协议,使用CK安全模型对方案的安全性进行了证明. 对协议的安全性分析表明,该协议具有相互认证、完美前向保密性、匿名性、已知密钥安全、非密钥泄露伪装等安全属性;协议可抵御已知密钥攻击、中间人攻击、SYBIL攻击等攻击. 通过与已知协议的比较可知,该协议有更好的安全性和效率.

关键词: 对等网络-线令控制, 无证书, 椭圆曲线密码学, IPv6, 匿名

Abstract:

Following the developmental trend of the next-generation-network protocols, we analyze the characteristics of the P2P-SIP network which combines the SIP protocol and P2P networks. Considering its strengths and weaknesses, we design a certificateless anonymous protocol based on elliptic curve algorithms for P2P-SIP, which can be applied in IPv6 network. We prove the proposed protocol under the CK security model and do security analysis on the protocol. The security analysis demonstrates that the proposed protocol has the following security attributes: mutual authentication, excellent forward secrecy, anonymity, known key security, and key compromise impersonation. The proposed protocol can also effectively resist the known-key attack, Man-in-the-middle attack, SYBIL attack, and some other attacks. We compare our protocol with previous protocols and show that our protocol has more security attributes and more effective than the previous protocols.

Key words: P2P-SIP, certificateless, elliptic curve cryptography, IPv6, anonymous

中图分类号: