Inter-domain Alliance Authentication Protocol Based on Blind Signature




International Journal of Security and Its Applications
Vol.9, No.2 (2015), pp.197-206
http://dx.doi.org/10.14257/ijsia.2015.9.2.19
ISSN: 1738-9976 IJSIA, Copyright © 2015 SERSC

Zhang Jie1, Zhang Qi-kun1, Gan Yong1, Yin Yifeng1 and Tan Yu-an2
1 Institute of Computer and Communication Engineering, Zhengzhou University of Light Industry, 450002, Zhengzhou, China
2 School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China
zhangqikun04@163.com

Abstract

In large distributed networks, many computers must coordinate with each other to complete some work under certain conditions, and these computers may come from different domains. To ensure secure cross-domain access to resources among these computers, this paper proposes a multi-domain union authentication protocol. The protocol adopts blind signature to achieve mutual authentication among entities in different domains. The scheme overcomes the complexity of certificate transmission and the network bottlenecks of PKI-based schemes. It can trace the entity identity and supports two-way anonymous authentication between entities, which prevents the authority from counterfeiting its member to access another domain's resources. Analysis shows its advantages in security and communication consumption.

Keywords: Inter-domain authentication; blind signature; bilinear group

1. Introduction

Multi-domain alliance authentication is needed in large networks whose service access points are located in multiple domains. In a distributed network environment where companies and institutions have their own shared resources, every institution sets up local certification service equipment to provide certification services when users access resources, in order to prevent unauthorized users from accessing these shared resources. A relatively independent trust domain is therefore formed in every institution: the users in a domain trust their certification center, and the certification center provides convenient authentication service for local users to access shared resources. However, when there is a large number of service demands, such as the demands of cloud computing, users need to access resources anytime and anywhere. In this case a single domain is unable to meet the needs of resource requests, so many domains must cooperate to fulfil them. The requests for shared resources then come not only from the internal members of the domain but also from other domains. When foreign entities access resources in the local domain, a multi-domain authentication scheme is involved. Cross-domain authentication is applied in many fields, such as authentication among multiple heterogeneous domains within a virtual organization under the grid and cloud computing environment [1-2] and roaming access authentication under the wireless network environment [3-4].

There are mainly two cross-domain authentication frameworks under specific environments. One is the authentication framework based on the symmetric key system (such as Kerberos) [5-6]. This scheme involves complex symmetric key management and key consultations, and it cannot deal with the anonymity problem effectively. The other is the authentication framework based on traditional PKI [7-9]. The management of credentials under public key cryptography is a heavy burden in this scheme; specifically, the consumption is caused by the construction of credential paths, the query of the status of credentials and the transfer of credentials. It can also cause a network bottleneck at the authentication center under frequent cross-domain accesses. References [10-12] proposed an identity-based multi-domain authentication model that is based on trust in the authority of the other side. It requires the key agreement parameters of all domains to be the same, which is a limitation, and it cannot prevent the authority from faking members of its domain to access resources across domains. References [13-14] adopt signcryption to implement authentication when users access each other's resources within the same domain; this is confined to a single domain, so it is difficult to meet the needs of large-scale distributed computing. Reference [16] extends the scheme of reference [15] to enable members from different domains to authenticate each other, but the precondition of this solution is the hypothesis that the PKG of every domain is honest. The PKG possesses the private keys of all the members within its domain; if the PKG is malicious, the true identity of the user and the confidentiality of the private key cannot be guaranteed.

The multi-domain authentication alliance protocol proposed in this paper is designed based on inter-domain signature. The inter-domain authentication centers do not have to set the same parameters for their keys, and the members in a domain register their identities with blind keys rather than their private keys, which prevents the authentication center from faking or cheating its members to access resources from other domains. At the same time, the protocol has good anonymity, it can trace entities when a dispute occurs between two entities over accessing resources, and it has a good defense against various protocol attacks. The multi-domain authentication protocol proposed in the paper can achieve the following features:

Correctness: a legal user in a domain can be validly verified by all the users when they compute the authentication algorithm of the cross-domain authentication protocol.
Unforgeability: it is infeasible for a faked member to generate an algorithm that passes a valid authentication by computing, even if the member is a server of a domain.
Anonymity: except for the server of the domain, it should be infeasible for anyone to determine the identity of a prover by computing.
Traceability: the KMC of the domain can determine the identity of any prover within its domain.
Anti-attack: the cross-domain authentication protocol should have extensive security and be provably secure.

Organization

The rest of the paper is organized as follows. In Section 2, we introduce the relevant background. In Section 3, we define the system model. In Section 4, we propose the multi-domain signature scheme. Then we present the multi-domain authentication protocol based on multi-domain signature in Section 5. We provide security analysis and further analyze the experiment results and performance in Section 6. Finally, we conclude the paper in Section 7.

2. Preliminaries

2.1 Bilinear Group

Firstly, we give the definition of a bilinear map. Assume that $G_1$, $G_2$ and $G_T$ are multiplicative groups with the same prime order $p$ (stated in terms of $2^k$, where $k$ is the security parameter). Let $G_1$ be generated by $g_1$ and $G_2$ be generated by $g_2$, and let the solution of the discrete logarithm over $G_1$, $G_2$ and $G_T$ be hard. Then $e: G_1 \times G_2 \to G_T$ is a computable mapping with the following properties:

1. Bilinear: for all $u \in G_1$, $v \in G_2$ and $a, b \in Z_p$, $e(u^a, v^b) = e(u, v)^{ab}$.
2. Non-degeneracy: there exist $u \in G_1$, $v \in G_2$ such that $e(u, v) \neq 1$.
3. Computable: there is an efficient algorithm to compute $e(u, v)$ for all $u \in G_1$, $v \in G_2$.

Corollary 1: for all $u_1 \in G_1$, $u_2 \in G_1$, $v \in G_2$, $e(u_1 u_2, v) = e(u_1, v)\,e(u_2, v)$.
Corollary 2: for all $u, v \in G_2$, e( (u), v) = e(u, (v)).

2.2 Gap Diffie-Hellman Group

We first introduce the following problems in $G_1$, $G_2$ [17].

Definition 1. Discrete Logarithm Problem (DLP): given $u$ and $v$ with $v = u^n$, to find $n \in Z_p$.
Definition 2. Computation Diffie-Hellman Problem (CDHP): given $(g, g^a, g^b) \in G_1$ for $a, b \in Z_p$, to compute $g^{ab}$.
Definition 3. Bilinear Inverse Diffie-Hellman Problem (BIDHP): the BIDH problem is, given $g$, $ag$, $cg$ for some $a, c \in Z_p$, to compute $e(g, g)^{a^{-1}c}$.
Definition 4. Modified Bilinear Inverse Diffie-Hellman Problem (MBIDHP): the BIDH problem is, given $g$, $ag$, $bg$, $cg$ for some $a, b, c \in Z_p$, to compute $e(g, g)$ raised to an exponent formed from $c$, $a$ and $b$.

2.3 Multi-Linear Mapping

Multi-linear Diffie-Hellman hypothesis: firstly, we give the definition of multi-linear mapping [2]. Suppose that the discrete logarithm problem of $G_1$ and $G_2$ is hard.

Definition 5: Let $G_1$ and $G_2$ be two groups of the same prime order. The mapping $e: G_1^m \to G_T$ is called a multi-linear mapping if it satisfies the following properties:

1. m multi-linearity: for any $a_1, a_2, \dots, a_m \in Z_p$ and any $g_1, g_2, \dots, g_m \in G_1$, there is $e(a_1 g_1, a_2 g_2, \dots, a_m g_m) = e(g_1, g_2, \dots, g_m)^{a_1 a_2 \cdots a_m}$.
2. Non-degeneracy: if $g \in G_1$ is a generator of $G_1$, then $e(g, g, \dots, g)$ is also a generator of $G_T$.
3. Computability: for all $u_1, u_2, \dots, u_m \in G_1$, there exists an efficient way to calculate $e(u_1, u_2, \dots, u_m)$.

Definition 6: The decisional multi-linear Diffie-Hellman (DMDH) problem is, given $g, a_1 g, a_2 g, \dots, a_m g \in G_1$ and $z \in G_T$, to determine whether $z = e(g, g, \dots, g)^{a_1 a_2 \cdots a_m}$.

Definition 7: The hypothesis of decisional multi-linear Diffie-Hellman is that solving the decisional multi-linear Diffie-Hellman problem is difficult. That is to say, there cannot be a probabilistic polynomial-time algorithm which can solve the Diffie-Hellman problem.

We call $G_1$, $G_2$ GDH groups if DDHP can be solved in polynomial time but no polynomial-time algorithm can solve CDHP, DLP or BIDHP with non-negligible advantage within polynomial time.

3. The Multi-Domain Authentication Model

In a multi-domain authentication system, each domain chooses its type of authentication according to its own demands, without the need for a unified authentication model. Inter-domain authentication should try to adopt a common authentication way to achieve multi-domain access interoperability. This multi-domain authentication system model is shown in Figure 1.

Figure 1. Multi-Domain Authentication System Model (labels: Alliance Domain; KMCA, KMCB, KMCC; Domain A, Domain B, Domain C; members u1 ... un)

In this model, the system is composed of multiple domains, and each domain is independent and autonomous. Each domain consists of a KMC (key management center) and a number of members within the domain; the domain authority center is similar to a traditional CA (Certificate Authority). Every member in a domain not only provides its resources to others but also accesses resources from others; together they constitute the resource alliance. In collaborative computing, the cooperating members come not only from one domain but also from other domains, so members in each domain may need cross-domain cooperation. The KMC distributes and manages some keys of the members within its domain and publishes the public key of the KMC for mutual-access certification. When members join a domain, they need to register with their true identities for entity tracking.

4. Multi-Domain Blind Signature Scheme

Suppose $G_1$ and $G_2$ are multiplicative groups with the same prime order, $g$ is a generator of $G_1$, $e: G_1 \times G_1 \to G_2$ is an efficiently computable bilinear mapping, $e: G_1^n \to G_T$ is an efficiently computable multi-linear mapping, and $h: \{0,1\}^* \to Z_p$ and $h: G_T \to Z_p$ are hash functions.

4.1 Alliance Domain Key Agreement

Suppose there are $n$ domains in the alliance system, and all the domains negotiate a pair of alliance public/private keys. Firstly, each of the $n$ KMCs randomly selects a number in $Z_p$, calculates a value from $g$ and then broadcasts it to the other KMCs. According to the multi-linear mapping, each KMC can compute a pair of alliance public/private keys. The process is as follows: each KMC calculates the alliance private key $sa$ with the parameters sent by the other KMCs.

4.2 Blind Signature

Suppose KMC is the key management center of domain $D$ in the alliance; the private key of the KMC is $s \in Z_p$ and the public key is $P = g^{s}$. The alliance public/private key pair negotiated by the whole network system is $(sa, Pa)$. Suppose each member $u$ in the domain $D$ has private key $x \in Z_p$ and the corresponding public key $y = g^{x}$, and $ID$ is the identity of $u$. The blind signature is as follows:

(1) Each KMC randomly selects a number $t \in Z_p$, computes a value from it and then sends the result to all the members in its domain.
(2) Each member of the domain, on receiving it, calculates a value and then sends it with its $ID$ to its KMC.
(3) On receiving the messages sent by each member $u$, the KMC calculates a value from $y$, $g$, $t$, $s$ and $sa$, and then verifies whether the equation $e(R, Pa) \stackrel{?}{=} e(y, P)$ holds. If the value $R$ is correct, the KMC can be sure that the messages were sent by $u$, and $u$ can register with the KMC. The KMC sends $R$ to $u$ as the register key and, if it is unique within that domain, stores $(R, y, ID)$ for tracking.
(4) In this way, all members of each domain register with their KMC.

5. Multi-Domain Authentication Protocol Based on Blind Signature

In multi-domain networks, members from different domains need to authenticate each other to ensure secure access to resources across domains. This section proposes a multi-domain alliance authentication protocol based on short signature, which enables direct authentication between members and does not need ticket transfer through the authentication center. Let $D_1$ and $D_2$ be two domains in the alliance-domain, and let $KMC_1$ and $KMC_2$ be the key management centers of $D_1$ and $D_2$ respectively. The public/private key pair of $KMC_1$ is $(s_1, P_1)$, the public/private key pair of $KMC_2$ is $(s_2, P_2)$, and the public/private key pair of the alliance-domain negotiated by all the KMCs is $(sa, Pa)$. Suppose $u$ and $v$ are internal members of $D_1$ and $D_2$ respectively. $x_u$ is the private key of $u$ and $R_u$ is the register key of $u$.

$y_u = g^{x_u}$ is the public key of $u$; $x_v$ is the private key of $v$, $R_v$ is the register key of $v$, and $y_v = g^{x_v}$ is the public key of $v$. When $u$ wants to access a resource from $v$, the process of multi-domain authentication and session key agreement is as follows:

(1) $u$ in domain $D_1$ calculates $sgn$ with its private key and sends the public information $(sgn, P_1, R_u, y_u)$ to the verifier $v$.
(2) After receiving the messages $(sgn, P_1, R_u, y_u)$, $v$ calculates $ver(sgn)$ and verifies whether $ver = y_u$. It then verifies whether $P_1$ is a public key of a KMC in the alliance-domain, and whether $y_u$ is a public key of a member that belongs to domain $D_1$, by checking whether the expression $e(R_u, Pa) \stackrel{?}{=} e(y_u, P_1)$ is satisfied.
(3) If $ver(sgn) = y_u$ and $e(R_u, Pa) = e(y_u, P_1)$, then $v$ can be sure that $(sgn, P_1, R_u, y_u)$ was sent by $u$ and that $u$ is a member of the domain $D_1$. $v$ then calculates $sgn$ with its private key and sends the public information $(sgn, P_2, R_v, y_v)$ to the verifier $u$.
(4) After receiving the messages $(sgn, P_2, R_v, y_v)$, $u$ calculates $ver(sgn)$ and verifies whether $ver = y_v$, whether $P_2$ is a public key of a KMC in the alliance-domain, and whether $y_v$ is a public key of a member that belongs to domain $D_2$, by checking whether the expression $e(R_v, Pa) \stackrel{?}{=} e(y_v, P_2)$ is satisfied. If $ver(sgn) = y_v$ and $e(R_v, Pa) = e(y_v, P_2)$, $u$ can be sure that $(sgn, P_2, R_v, y_v)$ was sent by $v$ and that $v$ is a member of the domain $D_2$. The cross authentication in the multi-domain system is then successful.

6. Performance Analysis

6.1 Correctness Analysis

In this paper, the multi-domain alliance authentication protocol is established based on blind signature. To ensure safe authentication when the domains access each other's resources, the correctness of the signature must be ensured first.

Theorem 1: Each legal member $u$ in the domain $D$ with a legal register key $R$ can be authenticated successfully.

Proof: since $R = g^{xs/sa}$, by the properties of the bilinear pairings we have

$e(R, Pa) = e(g^{xs/sa}, Pa) = e(g^{xs/sa}, g^{sa}) = e(g, g)^{xs} = e(g^{x}, g^{s}) = e(y, P)$.

From the definition of $sgn$, we have $ver(sgn) = y$. Thus the equations $e(R, Pa) = e(y, P)$ and $ver = y$ hold.

6.2 Security Analysis

(1) Unforgeability

Theorem 2: Any member $u_k$ that is outside the alliance-domain or in the domains of the alliance cannot fake any other member $u$ to access resources.

Proof: Assume that a member $u_k$ fakes another member $u$ in the domain $D_1$ to access a resource from the member $v$ within another domain $D_2$. Because the private key of $u$ is not published, $u_k$ does not know the private key of $u$. Even if $u_k$ fakes the identity of member $u$ and sends $(sgn', P, R, y)$ to $v$ to achieve resource access, after receiving the messages $v$ verifies $e(R, Pa) = e(y, P)$, which can only prove that $u$ with public key $y$ is a member of the domain $D_1$; the verification $ver = y$ of the signature will fail when $v$ verifies $sgn'$. Therefore members in the domains cannot forge other members to access resources.

(2) Anonymity

The proposed protocol has anonymity. When two members access resources, any member can only determine that the other member is a sole member in a certain domain, but the identity of that member cannot be determined.

Theorem 3: When two members $u$ and $v$ access resources mutually, $v$ can only determine that member $u$ is a sole member of a certain domain with the public key $y$, but the identity $ID$ of $u$ cannot be determined; only his KMC can determine the identity of the member through the registered identity.

Proof: 1) User $u$ sends the public information $(sgn, P, R, y)$ to $v$, and $v$ determines which domain $u$ comes from by verifying the equation $e(R, Pa) = e(y, P)$ with the public key $P$ of the KMC. 2) $v$ can only determine that $u$ is a sole member in the domain $D$ with the public key $y$, and that it cannot be faked by others, through verifying whether $e(R, Pa) = e(y, P)$ and $ver = y$, but $v$ does not know the identity $ID$ of the member $u$.

6.3 Traceability

In the traditional method of designing a cross-domain authentication protocol based on a trust scheme, it is impractical to let members trust a KMC from a different domain. This paper provides a reliable certification to trace an illegal entity when disputes occur. Traceability works as follows: the verifier $v$ verifies the expression $e(R, Pa) = e(y, P)$ and then sends the messages $(sgn, P, R, y)$ to the KMC; the KMC ensures the relationship among $sgn$, $P$, $R$ and $y$, and further traces the identity $ID$ of entity $u$ by the registration information $(R, y, ID)$.

7. Consumption Analyses

Computation and communication complexity are two important indicators for evaluating the performance of protocols. This paper analyzed the latest research and compared the multi-domain authentication protocol proposed here with the latest research programs in terms of computation complexity and communication overhead. We compared our scheme with the literature [18-19] in computational complexity, as shown in Table 1. These programs are all elliptic curve public key cryptosystems. It is known that 1024-bit keys in conventional cryptosystems offer the same level of security as 160-bit keys in elliptic curve cryptography. In particular, in the case of elliptic curves, we can assume that the exchanged messages have size only 160 bits, since only the x coordinate is necessary for the computation of the point (x, y). We assume that the length of each communication unit is ml = 160 bits in these programs.

Table 1. Complexity Analysis of Cross-Domain Authenticated Protocols
Columns: authenticated protocols; number of exponentiations; number of pairings; number of scalar multiplications; number of hash; number of sent and received messages
literature [18]: 0 2 8 32ml
literature [19]: 0 0 23 0 23ml
Our scheme: 2 0 0 6ml

For a more intuitive analysis of the energy consumption of each scheme, the literature [20] provided an experiment on a 133 MHz "Strong ARM" microprocessor: performing a modular exponentiation consumes 9.1 mJ, computing a scalar multiplication consumes 8.8 mJ, and performing a Tate pairing computation consumes 47.0 mJ. Using a 100 kbps transceiver module, transmitting a bit of information consumes 10.8 µJ and receiving a bit of information consumes 7.51 µJ, as shown in Table 2. We assume that the energy consumption of hash calculation is negligible. The total energy consumption comparison of these three programs is shown in the Energy Consumption figure.

Table 2. Energy Costs for Computation and Communication
Computation cost of Modular Exponentiation: 9.1 mJ
Computation cost of Scalar Multiplication: 8.8 mJ
Computation cost of Tate Pairing: 47.0 mJ
Communication cost for transmitting a bit: 10.8 µJ
Communication cost for receiving a bit: 7.51 µJ
DSA Signature: 9.1 mJ
ECDSA Signature: 8.8 mJ
DSA signature verification: 11.1 mJ
ECDSA signature verification: 10.9 mJ
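
The membership check that the verifier runs in Section 5, $e(R, Pa) = e(y, P)$, together with the KMC's $(R, y, ID)$ lookup from Section 6.3, as an added Python example that is not code from the paper. It uses a toy pairing with no security (a $G_1$ element is stored as its own exponent), assumes $P = g^{s}$, $Pa = g^{sa}$ and a register key of the form $R = y^{s/sa}$, which is the only value satisfying that equation, and leaves out the blinding exchange and the $sgn$/$ver$ step; all names and sample keys are constructed.

```python
"""Toy model of the register-key check e(R, Pa) == e(y, P). NOT secure."""

Q = 1019        # prime order of G1 and GT (constructed toy size)
P_MOD = 2039    # prime modulus hosting GT; 2039 = 2 * 1019 + 1
GT_GEN = 4      # element of order Q in Z_P_MOD^*, stands in for e(g, g)


def g_pow(a):
    """Return g^a. A G1 element is stored as its exponent, so logs are trivial."""
    return a % Q


def pair(u, v):
    """Symmetric bilinear map: e(g^a, g^b) = e(g, g)^(a*b)."""
    return pow(GT_GEN, (u * v) % Q, P_MOD)


def issue_register_key(y, s, sa):
    """Assumed form R = y^(s/sa): the only R with e(R, Pa) == e(y, P)."""
    return (y * s * pow(sa, -1, Q)) % Q


class KMC:
    """Key management center of one domain (hypothetical helper class)."""

    def __init__(self, s, sa):
        self.s, self.sa = s, sa      # domain private key, alliance private key
        self.P = g_pow(s)            # domain public key P = g^s
        self.registry = {}           # R -> (y, ID), kept for tracing

    def register(self, member_id, y):
        R = issue_register_key(y, self.s, self.sa)
        if R in self.registry:       # R must be unique within the domain
            raise ValueError("register key not unique in this domain")
        self.registry[R] = (y, member_id)
        return R

    def trace(self, R, y):
        """Map a disputed (R, y) back to the registered identity, if any."""
        record = self.registry.get(R)
        return record[1] if record and record[0] == y else None


def is_member(R, y, P, Pa, alliance_keys):
    """Verifier side: P must be an alliance KMC key and the pairings must match."""
    return P in alliance_keys and pair(R, Pa) == pair(y, P)


def demo():
    sa = 77                                  # constructed alliance private key
    Pa = g_pow(sa)
    kmc1, kmc2 = KMC(123, sa), KMC(456, sa)  # domains D1 and D2
    outsider = KMC(789, sa)                  # key P not published by the alliance
    alliance = {kmc1.P, kmc2.P}

    y_u = g_pow(321)                         # member u of D1, private key 321
    R_u = kmc1.register("alice@d1", y_u)     # constructed identity string
    y_other = g_pow(654)                     # a different member's public key

    return {
        # What u sends carries (P, R, y) only; no identity is included.
        "valid": is_member(R_u, y_u, kmc1.P, Pa, alliance),
        "wrong_domain": is_member(R_u, y_u, kmc2.P, Pa, alliance),
        # KMC2 mints a key for y_u with its own s: it fails against P1.
        "other_kmc_mint": is_member(
            issue_register_key(y_u, kmc2.s, sa), y_u, kmc1.P, Pa, alliance),
        "outsider_kmc": is_member(
            outsider.register("mallory", y_u), y_u, outsider.P, Pa, alliance),
        # Replaying u's R under another public key breaks the equation.
        "swapped_y": is_member(R_u, y_other, kmc1.P, Pa, alliance),
        "trace_home": kmc1.trace(R_u, y_u),
        "trace_other": kmc2.trace(R_u, y_u),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

Only the home KMC resolves $(R, y)$ to an identity; the verifier learns the domain from which $P$ satisfies the equation and nothing more.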

The energy consumption is shown in the Energy Consumption figure. The scheme of literature [18] consumes the most energy and ours consumes the least. The advantage of our scheme is that any two entities can mutually authenticate and do key agreement directly, so it does not need a third party to take part. In the cross-domain authentication schemes of literature [18] and literature [19], when an entity wants to access resources from another entity in a different domain, it must be checked by the third party, so it is very complex.

Figure. Energy Consumption

Analysis shows that this protocol is correct and can defend against attack effectively. The parties do not need to know each other's identity, which achieves effective authentication and good anonymity. The entity can be tracked when a dispute occurs. The computation and communication overhead is relatively low. It has good security.

8. Conclusion

Multi-domain alliance authentication is required for security in a multi-domain network environment. The multi-domain alliance authentication scheme proposed in this article can ensure security while sharing resources among multiple domains. The anonymity can protect the privacy of each entity, and each entity can access different domains' resources without the intervention of the key management center, which provides good flexibility. The scheme avoids the bottleneck problem and the complexity of ticket transfer of the traditional pattern based on PKI. It can trace the entities and supports two-way anonymous authentication of entities, which prevents the domain certificate authority from counterfeiting its member to access cross-domain resources. Analyses show its advantages in security and communication consumption.

Acknowledgements

This work is supported by National Natural Science Foundation of China under Grant No (62725 6340059), the PhD Research Fund of the Zhengzhou University of Light Industry, the Science and Technology Plan of Zhengzhou (No 3PPTGG4-5), the Science and Technique Research Program of Henan Educational Committee (No 5A520032 4A520022), and National High-tech R&D Program of China (863 Program) (Grant No 203AA0A22) Vol30.

References

[1] R. Butler, V. Welch, D. Engert, I. Foster, S. Tuecke, J. Volmer and C. Kesselman, "A National-Scale Authentication Infrastructure" [J], IEEE Computer (2000), Vol. 33, No. 12, 60-66.
[2] Z. Qikun, L. Yuanzhang, S. Danjie and T. Yuan, "Alliance-Authentication Protocol in Clouds Computing Environment", China Communications (2012), No. 7, 42-54.
[3] Q. Zhang, Y. Tan, L. Zhang and R. Wang, "A Combined Key Management Scheme in Wireless Sensor Networks", SENSOR LETTERS (2011), Vol. 9, No. 4, 1501-1506.
[4] J.-S. Lee, C.-C. Chang, P.-Y. Chang and Chin-Chen Chang, "Anonymous authentication scheme for wireless communications", International Journal of Mobile Communications (2007), 590-601.
[5] Lv Chao, L. Hui, M. Jianfeng and N. Ben, "Vulnerability Analysis of Elliptic Curve-Based RFID Protocol" [J], China Communications (2011), Vol. 8, No. 4, 53-58.
[6] J. Tang, S. Liu, Z. Gu, C. Liu and J.-L. Gaudiot, "Prefetching in Mobile Embedded System Can be Energy Efficient" [J], IEEE Computer Architecture Letters (2011), Vol. 10, No. 1, 8-11.
[7] P. Huaxi, "An identity-based authentication model for multi-domain" [J], Chinese Journal of Computers (2006), Vol. 29, No. 8, 27-28.
[8] L. Chen, K. Harrison, D. Soldera and N. Smart, "Applications of multiple trust authorities in pairing based cryptosystems" [A], in Proceedings of Infrastructure Security [C], Berlin: Springer-Verlag (2002), 260-275.
[9] N. McCullagh and Paulo S. L. M. Barreto, "A new two-party identity-based authenticated key agreement" [OL], http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.58.9294&rep=rep1&type=pdf
[10] J. Malone-Lee, "Identity-based signcryption" [OL], http://eprint.iacr.org/2002/098.pdf
[11] L. Xiaoming and Feng Dengguo, "An identity-based authentication model for multi-domain grids" [J], Chinese Journal of Electronics (2006), Vol. 34, No. 4, 577-582.
[12] Z. Longjun and Xia Ang, "Cross-domain authentication protocol based on certificate signcryption in IPv6 Network" [J], International Journal of Advancements in Computing Technology (2012), Vol. 4, No234-4.
[13] D. Boneh and M. Franklin, "Identity based encryption from the Weil pairing" [J], SIAM Journal on Computing (2003), Vol. 32, No. 3, 586-615.
[14] W. Zhang, H. Zhang, B. Zhang and Yan Yang, "An Identity-Based Authentication Model for Multi-domain in Grid Environment" [C], Computer Science and Software Engineering (2008), No. 3, 65-69.
[15] L. Xiaoming and F. Dengguo, "An identity-based authentication model for multi-domain grids" [J], Chinese Journal of Electronics (2006), Vol. 34, No. 4, 577-582.
[16] C. Liqun, L. Hoon Wei and Y. Guomin, "Cross-domain password-based authenticated key exchange revisited" [J], ACM Transactions on Information and System Security (2014), Vol 642-20.
[17] Q.-k. Zhang, Y.-A. Tan, Y.-Z. Li and X.-La Zhang, "Cross-domain Alliance Authentication Scheme Based on Bilinear Group", Applied Mathematics & Information Sciences (2014), Vol. 8, No333-37.
[18] L. Xiaoming and F. Dengguo, "An identity-based authentication model for multi-domain grids" [J], Chinese Journal of Electronics (2006), Vol. 34, No. 4, 577-582.
[19] H. Shen-Gang, Z. Li and Muhammad Ghulam, "A union authentication protocol of cross-domain based on bilinear pairing" [J], Journal of Software (2013), Vol. 8, No. 5, 1094-1100.
[20] E. Makri and E. Konstantinou, "Constant round group key agreement protocols: A comparative study" [J], Computers & Security (2011), No. 30, 643-678.

Authors

Zhang Jie, associate professor, PhD, Zhengzhou University of Light Industry, Zhengzhou, China. His research interests include information security and cryptography.

Zhang Qikun, PhD, Zhengzhou University of Light Industry, Zhengzhou, China. His research interests include information security and cryptography.