横向联邦学习环境基于身份认证及密钥协商协议

任杰; 黎妹红; 杜晔; 尹李纶谨

doi:10.13700/j.bh.1001-5965.2021.0217

横向联邦学习环境基于身份认证及密钥协商协议

doi: 10.13700/j.bh.1001-5965.2021.0217

任杰^{1, 2},
黎妹红^{1, 2, ,},
杜晔^{1, 2},
尹李纶谨^{1, 2}

1.
北京交通大学智能交通数据安全与隐私保护技术北京市重点实验室，北京 100044
2.
北京交通大学计算机与信息技术学院，北京 100044

基金项目: 国家自然科学基金(U1736114)；国家重点研发计划(2017YFB0802805)

详细信息

通讯作者:
E-mail： mhli1@bjtu.edu.cn

中图分类号: V221⁺.3；TB553
计量
- 文章访问数: 434
- HTML全文浏览量: 112
- PDF下载量: 51
- 被引次数: 0
出版历程
- 收稿日期: 2021-04-27
- 录用日期: 2021-07-11
- 网络出版日期: 2021-07-30
- 整期出版日期: 2023-02-28

Identity-based authentication key agreement protocol for horizontal federated learning environment

REN Jie^{1, 2},
LI Meihong^{1, 2
, ,},
DU Ye^{1, 2},
YIN Liguanjin^{1, 2}

1.
Beijing Key Laboratory of Security and Privacy in Intelligent Transportation，Beijing Jiaotong University，Beijing 100044，China
2.
School of Computer and Information Technology，Beijing Jiaotong University，Beijing 100044，China

Funds: National Natural Science Foundation of China (U1736114); The National Key R & D Program of China (2017YFB0802805)

More Information

Corresponding author: E-mail：mhli1@bjtu.edu.cn

摘要

摘要:
近年来，联邦学习受到多个领域的广泛关注，而认证及会话密钥协商是保证通信实体之间安全传输、可靠通信的关键技术和基本的安全保障。根据横向联邦学习参与方数据特征，提出一种基于身份的无证书轻量级认证及密钥协商协议；参与方在密钥生成中心（KGC）完成注册后，利用公共参数计算各自的临时密钥和长期密钥完成认证、计算会话密钥；最后，采用扩展的CK（eCK）模型对所提协议进行安全性证明。性能分析表明：所提协议在计算性能和通信开销方面可以有效地控制成本，适用于单服务器下横向联邦学习的训练环境。
- 横向联邦学习 /
- 基于身份密码体制 /
- 无证书 /
- 认证及密钥协商 /
- eCK模型
Abstract:
In recent years, federated learning has received extensive attention in many fields, but this technology inevitably causes data transmission security problems. However, authentication and key agreement are important to ensure secure transmission and reliable communication between communicating entities. This study suggests a lightweight certificateless authentication and key agreement protocol that is identity-based and takes into account the data properties of horizontal federated learning. The participants need to register at the key generation center (KGC) and use public parameters to calculate their temporary keys and long-term keys which is to complete authentication and calculate the session key. Subsequently, the eCK model is used to prove the security of the protocol proposed in this paper. A thorough analysis shows that this protocol is appropriate for a single-server horizontal federated learning environment since it has full security features, low processing and communication costs.
- horizontal federated learning /
- identity-based cryptosystem /
- certificateless /
- authentication and key agreement /
- eCK model

HTML全文

图 1 注册模块

Figure 1. Registration module

下载: 全尺寸图片幻灯片

图 2 认证及密钥协商模块

Figure 2. Authentication and key agreement module

下载: 全尺寸图片幻灯片

表 1 相关协议安全属性对比

Table 1. Security properties comparison among related protocols

协议	双向认证	临时私钥泄露	已知会话密钥安全	前向安全性
文献[14]	×	×	√	√
文献[13]	×	√	√	√
文献[10]	×	×	√	√
文献[15]	√	×	√	√
本文所提协议	√	√	√	√

下载: 导出CSV

表 2 性能分析

Table 2. Performance analysis

协议	计算开销	通信轮数
文献[14]	$ 4{T_{\rm{M}}} + 4{T_{\rm{A}}} $	2
文献[13]	$ 10{T_{\rm{M}}} + 6{T_{\rm{A}}} $	2
文献[10]	$ 6{T_{\rm{M}}} + 4{T_{\rm{A}}} $	2
文献[15]	$ 4{T_{\rm{M}}} + 8{T_{\rm{A}}} $	2
本文所提协议	$ {\text{6}}{T_{\rm{M}}} + 4{T_{\rm{A}}} $	2

下载: 导出CSV

参考文献(17)

[1]	MCMAHAN H B, MOORE E, RAMAGE D, et al. Communication-efficient learning of deep networks from decentralized data[C]//20th International Conference on Artificial Intelligence and Statistics. Fort Lauderdale: PMLR, 2017: 1273-1282.
[2]	SHAMIR A. Identity-based cryptosystems and signature schemes[C]//Advances in Cryptology. Berlin: Springer , 1985: 47-53.
[3]	BONEH D, FRANKLIN M. Identity-based encryption from the Weil pairing[C]// Advances in Cryptology. 2001: 213-229.
[4]	JEGADEESAN S, AZEES M, KUMAR P M, et al. An efficient anonymous mutual authentication technique for providing secure communication in mobile cloud computing for smart city applications[J]. Sustainable Cities and Society, 2019, 49: 101522. doi: 10.1016/j.scs.2019.101522
[5]	BAKHTIARI-CHEHELCHESHMEH S, HOSSEINZADEH M. A new certificateless and secure authentication scheme for ad hoc networks[J]. Wireless Personal Communications, 2017, 94(4): 2833-2851. doi: 10.1007/s11277-016-3721-y
[6]	WU L B, WANG J, RAYMOND CHOO K K, et al. An efficient provably-secure identity-based authentication scheme using bilinear pairings for Ad hoc network[J]. Journal of Information Security and Applications, 2017, 37: 112-121. doi: 10.1016/j.jisa.2017.10.003
[7]	ZHU R W, YANG G M, WONG D S. An efficient identity-based key exchange protocol with KGS forward secrecy for low-power devices[J]. Theoretical Computer Science, 2007, 378(2): 198-207. doi: 10.1016/j.tcs.2007.02.021
[8]	CAO X, KOU W, YU Y, et al. Identity-based authentication key agreement protocols without bilinear parings[J]. IEICE Transaction on Fundamentals, 2008, E91.A(12): 3833-3836. doi: 10.1093/ietfec/e91-a.12.3833
[9]	CAO X F, KOU W D, DU X N. A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges[J]. Information Sciences, 2010, 180(15): 2895-2903. doi: 10.1016/j.ins.2010.04.002
[10]	ISLAM S H, BISWAS G P. An improved pairing-free identity-based authenticated key agreement protocol based on ECC[J]. Procedia Engineering, 2012, 30: 499-507. doi: 10.1016/j.proeng.2012.01.890
[11]	DANIEL R M, RAJSINGH E B, SILAS S. An efficient ECK secure certificateless authenticated key agreement scheme with security against public key replacement attacks[J]. Journal of Information Security and Applications, 2019, 47: 156-172. doi: 10.1016/j.jisa.2019.05.003
[12]	LAMACCHIA B, LAUTER K, MITYAGIN A. Stronger security of authenticated key exchange[C]//International Conference on Provable Security. Berlin: Springer, 2007: 1-16.
[13]	DANIEL R M, RAJSINGH E B, SILAS S. An efficient ECK secure identity based two party authenticated key agreement scheme with security against active adversaries[J]. Information and Computation, 2020, 275: 104630. doi: 10.1016/j.ic.2020.104630
[14]	XIE Y, WU L B, SHEN J, et al. Efficient two-party certificateless authenticated key agreement protocol under GDH assumption[J]. International Journal of Ad Hoc and Ubiquitous Computing, 2019, 30(1): 11. doi: 10.1504/IJAHUC.2019.097093
[15]	郭松辉, 牛小鹏, 王玉龙. 一种基于椭圆曲线的轻量级身份认证及密钥协商方案[J]. 计算机科学, 2015, 42(1): 137-141. doi: 10.11896/j.issn.1002-137X.2015.01.032 GUO S H, NIU X P, WANG Y L. Elliptic curve based light-weight authentication and key agreement scheme[J]. Computer Science, 2015, 42(1): 137-141(in Chinese). doi: 10.11896/j.issn.1002-137X.2015.01.032
[16]	曹阳, 邓方安, 陈涛, 等. 一种基于身份可认证两方密钥协商方案[J]. 成都理工大学学报(自然科学版), 2016, 43(6): 757-761. CAO Y, DENG F G, CHEN T, et al. A two-party key agreement scheme based on authenticated identity[J]. Journal of Chengdu University of Technology (Science & Technology Edition), 2016, 43(6): 757-761(in Chinese).
[17]	周彦伟, 杨波, 张文政. 一种改进的无证书两方认证密钥协商协议[J]. 计算机学报, 2017, 40(5): 1181-1191. doi: 10.11897/SP.J.1016.2017.01181 ZHOU Y W, YANG B, ZHANG W Z. An improved two-party authenticated certificateless key agreement protocol[J]. Chinese Journal of Computers, 2017, 40(5): 1181-1191(in Chinese). doi: 10.11897/SP.J.1016.2017.01181