计算机科学与探索 ›› 2015, Vol. 9 ›› Issue (3): 330-337.DOI: 10.3778/j.issn.1673-9418.1407063

• 网络与信息安全 • 上一篇    下一篇

高效异构融合网络认证协议的研究与分析

徐允鹏1+,黄遵国1,徐劲松2   

  1. 1. 国防科学技术大学 计算机学院,长沙 410073
    2. 武警淮南市支队,安徽 淮南 232000
  • 出版日期:2015-03-01 发布日期:2015-03-09

Research and Analysis on Efficient Authentication Protocols for Heterogeneous Integrated Network

XU Yunpeng1+, HUANG Zunguo1, XU Jinsong2   

  1. 1. College of Computer, National University of Defense Technology, Changsha 410073, China
    2. Armed Police Detachment of Huainan, Huainan, Anhui 232000, China
  • Online:2015-03-01 Published:2015-03-09

摘要: 针对异构融合网络认证协议的效率和安全性不能兼顾的问题,提出了一种高效的认证协议,该协议包括全认证过程和快速重认证过程。通过全认证过程减少消息交互数量,快速重认证过程减少认证实体相结合的方式降低认证延迟,利用哈希链的随机性和单向性来保证信息的安全性和新鲜性。采用了形式化分析工具AVISPA对协议的安全性进行分析,同时与现有协议进行对比,结果分析表明,该认证协议在保证安全性的基础上提高了认证效率,有效改善了异构融合网络的性能。

关键词: 认证协议, 认证延迟, 哈希链, AVISPA

Abstract: Efficiency and safety can’t all take into account in normal authentication protocol. Aiming at the problem in heterogeneous integrated network, this paper proposes an efficient authentication protocol which includes full authentication procedure and fast re-authentication procedure. This paper reduces the authentication delay by reducing the number of message interactions in full authentication and reducing the number of authentication entities in fast re-authentication. And this paper uses hash chain method to ensure the safety and freshness of information. Using a formal analysis tools of AVISPA to analyze the security of protocol, and compared with the existing authentication protocols to analyze the efficiency, the analysis results show that the proposed protocol improves the authentication efficiency while ensuring the security, and improves the performance of heterogeneous integrated network.

Key words: authentication protocol, authentication delay, hash chain, AVISPA