Excerpt from the paper
A deniable authentication protocol allows an authenticator to authenticate a message to a receiver, while the receiver cannot prove the source of the authenticated message to a third party. Considering an open, asynchronous multi-party communication network and an adaptive active adversary, a new method for solving the concurrent deniable authentication problem is proposed, based on the UC (universally composable) security model. According to the security goals of deniable authentication protocols, a formal ideal functionality for concurrent deniable authentication, FCDA, is defined. A concrete protocol is then constructed using a verifiable smooth projective hash function. In the common reference string model, the new protocol is provably UC-secure; that is, the new method guarantees that different instances of the deniable authentication protocol remain secure under concurrent composition and are non-malleable when run simultaneously with other protocols. To achieve forward deniability, the new method constructs a new projective key function and a new verifiable smooth projective hash function based on trapdoor commitments. Based on witness indistinguishability, the security of the protocol reduces to the decisional composite residuosity assumption, and the protocol's computational and communication efficiency are improved.