基于一次哈希签名和联盟链的密钥分发协议-《计算机技术与发展》

文章信息/Info

Title:: Key Distribution Protocol Based on One-time Hash Signature and Consortium Blockchain

文章编号:: 1673-629X(2024)06-0073-08

作者:: 陈青青1; 刘蕾1; 王志伟1; 2; 3; 1. 南京邮电大学计算机学院、软件学院、网络空间安全学院,江苏南京 210023;2. 南京邮电大学江苏省大数据安全与智能处理重点实验室,江苏南京 210023;3. 北京航空航天大学云南创新研究院云南省区块链应用技术重点实验室,云南昆明 650233

Author(s):: CHEN Qing-qing1; LIU Lei1; WANG Zhi-wei1; 2; 3; 1. School of Computer Science,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;2. Jiangsu Key Laboratory of Big Data Security and Intelligent Processing,Nanjing University of Posts and Telecommunications,Nanjing 210023,China;3. Yunnan Provincial Key Laboratory of Blockchain Application Technology,Yunnan Innovation Research Institute,Beihang University,Kunming 650233,China

关键词:: 一次哈希签名; 联盟链; 对称密钥分发协议; 通信数据保护; 安全性

Keywords:: one-time hash signature; consortium blockchain; symmetric key distribution protocol; protection of communication data; secu-rity

分类号:: TP309

DOI:: 10.20165/j.cnki.ISSN1673-629X.2024.0074

摘要:: 在物联网环境中,为了确保通信数据的机密性和完整性,数据加密密钥的安全性尤为重要。密钥一般采用中心化的存储机制,当中心实体不可信时会造成密钥泄露的风险,因此在分发过程中需要保证密钥的完整性,但普通的签名方案往往较为复杂。针对密钥分发中心化及密钥分发算法复杂等问题,提出了一种基于一次哈希签名和联盟链的密钥分发协议。首先,利用轻量级的一次哈希签名进行用户注册和认证,同时,为了有效检测和防御使用一次哈希签名过程中可能出现的中间人攻击,协议中使用了 Hyperledger Fabric 联盟链存储签名凭证,用户可以从联盟链上获取签名凭证以供认证;然后,基于 Hyperledger Fabric 链和 ElGamal 密码体制设计了一个对称密钥分发方案;最后,从理论分析和 Scyther 形式化协议分析工具两个方面分析了密钥分发协议的安全性,结果表明该协议在保证密钥分发安全性的情况下,提高了密钥分发的效率。

Abstract:: In the IoT environment, in order to ensure the confidentiality and integrity of communication data, the security of data encryption keys is particularly important. The key generally adopts a centralized storage mechanism. When the central entity is untrustworthy,it will cause the risk of key leakage. Therefore,the integrity of the key needs to be guaranteed during the distribution process,but ordinary signature schemes are often more complicated. Aiming at the problems of centralization of key distribution and complex key distribution algorithm,a key distribution protocol based on one-time hash signature and consortium blockchain is proposed.Firstly,a lightweight one-time hash signature is used for user registration and authentication. Meanwhile,in order to effectively detect and defend against man-in -the-middle attacks that may occur in the process of using one-time hash signature,Hyperledger Fabric federation chain is used to store signature credentials. Users can obtain signature credentials from the federation chain for authentication.Then,a symmetric key distribution scheme is designed based on Hyperledger Fabric chain and ElGamal cryptosystem. Finally, the security of the key distribution protocol is analyzed from two aspects of theoretical analysis and Scyther formalized protocol analysis tool,and the results show that the protocol improves the efficiency of key distribution while ensuring the security of key distribution.

相似文献/References:

[1]张富宝,李国,王滔滔.基于区块链技术的电动汽车充电链[J].计算机技术与发展,2020,30(04):161.[doi:10. 3969 / j. issn. 1673-629X. 2020. 04. 031]
　ZHANG Fu-bao,LI Guo,WANG Tao-tao.Electric Vehicle Charging Chain Based on Blockchain Technology[J].,2020,30(06):161.[doi:10. 3969 / j. issn. 1673-629X. 2020. 04. 031]
[2]陈传坤,谷立祥,颜廷贵.基于联盟链的指挥信息系统数据保护研究[J].计算机技术与发展,2021,31(10):105.[doi:10. 3969 / j. issn. 1673-629X. 2021. 10. 018]
　CHEN Chuan-kun,GU Li-xiang,YAN Ting-gui.Research on Data Protection of Command Information System Based on Consortium Blockchain[J].,2021,31(06):105.[doi:10. 3969 / j. issn. 1673-629X. 2021. 10. 018]
[3]任正伟,余易晋.基于可追踪环签名的联盟链身份隐私保护方法[J].计算机技术与发展,2024,34(03):102.[doi:10. 3969 / j. issn. 1673-629X. 2024. 03. 016]
　REN Zheng-wei,YU Yi-jin.A Method of Identity Privacy Protection in Consortium Blockchain Based on Traceable Ring Signature[J].,2024,34(06):102.[doi:10. 3969 / j. issn. 1673-629X. 2024. 03. 016]

《计算机技术与发展》[ISSN:1006-6977/CN:61-1281/TN]

文章信息/Info

相似文献/References:

常用功能

导航/Navigate

工具/Tools

统计/Statistics