您的位置:山东大学 -> 科技期刊社 -> 《山东大学学报(理学版)》

山东大学学报(理学版) ›› 2016, Vol. 51 ›› Issue (9): 47-52.doi: 10.6040/j.issn.1671-9352.2.2015.139

• • 上一篇    下一篇

一种基于零知识证明的远程桌面认证协议

朱智强,马可欣,孙磊   

  1. 信息工程大学三院, 河南 郑州 450004
  • 收稿日期:2015-09-21 出版日期:2016-09-20 发布日期:2016-09-23
  • 作者简介:朱智强(1961— ),男,博士,教授,研究方向为信息安全. E-mail:xdzzqjs@163.com
  • 基金资助:
    校教育教学研究课题项目(XD2015301C)

A zero-knowledge proof based remote desktop authentication protocol

ZHU Zhi-qiang, MA Ke-xin, SUN Lei   

  1. The Third College, Information Engineering University, Zhengzhou 450004, Henan, China
  • Received:2015-09-21 Online:2016-09-20 Published:2016-09-23

摘要: 目前桌面云环境下用户身份认证过程中用户属性可能存在泄漏。针对此种安全威胁,提出了一个远程桌面认证模型。在该模型的基础上,提出了一种基于零知识证明的远程桌面认证协议ZPBRDAP。该协议包括属性注册协议(AR协议)与身份认证协议(IA协议),在不暴露用户身份属性的同时完成用户身份认证。最后,分析了该协议的正确性、安全性以及协议效率,表明该协议具有良好的可用性。

关键词: 身份认证, 零知识, 安全性, 正确性, 桌面云, 认证模型

Abstract: Aiming at the possibility of user attributes revelation during the user identity authentication period under the desktop cloud environment, a remote desktop authentication model was presented. On the basis of the model, a zero-knowledge proof based remote desktop authentication protocol ZPBRDAP was presented. The protocol consisted of attributes registration protocol and identity authentication protocol, which could accomplish user identity authentication without exposing user identity attributes. At last,the validity, the security and the efficiency of the protocol was analyzed. It is demonstrated that the protocol has a strong usability.

Key words: identity authentication, validity, authentication model, desktop cloud, zero-knowledge, security

中图分类号: 

  • TP309
[1] ARMBRUST M, FOX A, GRIFFITH R, et al. A view of cloud computing[J]. Communications of the ACM, 2010, 53(4):50-58.
[2] LI Y. Development and application of desktop virtualization technology[J]. Experimental Technology and Management, 2011: 326-329.
[3] WANG Huqing, SUN Zhixin. Research on zero-know-ledge proof protocol[J]. IJCSI International Journal of Computer Science Issues, 2013, 10(1):194-200.
[4] GOLDREICH O, OREN Y. Definitions and properties of zero-knowledge proof systems[J]. Journal of Cryptology, 1994, 7(1):1-32.
[5] DASILVA D A, LIU L, BESSIS N, et al. Enabling green it through building a virtual desktop infrastructure[C] // Proceedings of the 8th International Conference on Semantics, Knowledge and Grids. Piscataway: IEEE, 2012: 32-38.
[6] CHOUDHURY A J, KUMAR P, SAIN M, et al. A strong user authentication framework for cloud computing[C] // Proceedings of IEEE Asia-pacific Services Computing Conference. Los Alamitos: IEEE Computer Society, 2011: 110-115.
[7] GOLDWASSER S, MICALI S, RACKOFF C. The knowledge complexity of interactive proof systems[J]. ACM Symposium on Theory of Computing, 1985, 18(1):186-208.
[8] GOLDWASSER S, MICALI S, RACKOFF C. The knowledge complexity of interactive proof systems[J]. Siam Journal on Computing, 1989, 18(1):186-208.
[9] BENHAMOUDA F, CAMENISCH J, KRENN S, et al. Better zero-knowledge proofs for lattice encryption and their application to group signatures[J]. ASIACRYPT, 2014, 8873:551-572.
[10] 张倩. 一种云计算中的身份认证协议[J]. 武警工程大学学报, 2013(6):59-62. ZHANG Qian. Identity authentication protocol in cloud computing[J]. Journal of Armed Police Engineering University, 2013(6):59-62.
[11] MCCURLEY K S. The discrete logarithm problem[J]. Proceedings of Symp in Applied Math, 1990, 42:49-74.
[12] FEIGE U, FIAT A, SHAMIR A. Zero-knowledge proofs of identity[C] // Proceedings of the Nineteenth Annual ACM Conference on Theory of Computing. New York: ACM, 1987:210-217.
[13] BELLARE M, PALACIO A. GQ and Schnorr identification schemes: proofs of security against impersonation under active and concurrent attacks[J]. Lecture Notes in Computer Science, 2001, 2442:149-162.
[1] 查明明,王伟. FlowMonitor: Android隐私数据流向监控防护系统[J]. 山东大学学报(理学版), 2016, 51(9): 59-67.
[2] 苏彬庭,许力,方禾,王峰. 基于Diffie-Hellman的无线Mesh网络快速认证机制[J]. 山东大学学报(理学版), 2016, 51(9): 101-105.
[3] 柳欣,徐秋亮,张波. 满足可控关联性的合作群签名方案[J]. 山东大学学报(理学版), 2016, 51(9): 18-35.
[4] 唐乾,杨飞,黄琪,林果园. 基于TCB子集的访问控制信息安全传递模型[J]. 山东大学学报(理学版), 2016, 51(7): 98-106.
[5] 杜军威, 江峰, 张会萍, 曹玲, 殷文文. 基于图形转换的组合状态安全性验证技术[J]. 山东大学学报(理学版), 2014, 49(09): 41-49.
[6] 倪亮1,2,3,陈恭亮3,李建华3. eCK模型的安全性分析[J]. J4, 2013, 48(7): 46-50.
[7] 巨春飞1,仇晓涛2,王保仓2,3. 基于矩阵环的快速公钥密码算法[J]. J4, 2012, 47(9): 56-59.
[8] 汪定1,2,薛锋1,王立萍1,马春光2. 改进的具有PFS特性的口令认证密钥协商方案[J]. J4, 2012, 47(9): 19-25.
[9] 王鹃1,2,何琪1,严飞1,2,蒋万伟1,杨明1,王妍1. 一种以用户为中心的移动互联网身份管理及认证系统[J]. J4, 2012, 47(11): 12-17.
[10] 马艳芳1,张 敏2,3,陈仪香2,3. 基于环境的软件正确性形式化描述[J]. J4, 2011, 46(9): 22-27.
[11] 王侃1,吴磊2,3,郝蓉4. 一个弹性分布式数据安全方案[J]. J4, 2011, 46(9): 39-42.
[12] 阎召祥. ZS加密方案的选密安全性证明[J]. J4, 2010, 45(11): 115-121.
[13] 阎召祥 . 2m次根方案在同步攻击下的安全性证明[J]. J4, 2007, 42(4): 10-13 .
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!