为保证移动IPv6动态家乡代理发现过程的安全,采用加密生成地址方式将身份与公钥绑定,设计了基于身份的门限群签名方法,满足了动态家乡代理发现过程对认证的要求.在此基础上设计了动态家乡代理发现安全通信协议,保证了家乡代理信息的安全传输.通过对认证方法的安全分析和安全通信协议的形式化证明,表明设计的保护方案是安全有效的.%In order to secure dynamic home agent address discovery procedure in mobile IPv6 protocol, this paper put forward a new ID-based threshold group signature scheme forward and used cryptographically generated address to bind the ID and public key, fulfilling the special demand of authentication in dynamic home agent address discovery procedure. According to the authentication scheme, designed a new communication scheme to ensure the security transport of information in dynamic home agent address discovery. The security analysis of the authentication scheme and the formal method validation of the communication protocol show that our scheme is safe.
展开▼