Two types of schemes based on pseudonym authentication and group signature authentication are compared and analyzed.This paper proposes a hybrid authentication scheme.The model builds an exchange protocol for exchanging pseudonym between adjacent nodes.The node can apply for the exchange key from the Trusted Authority(TA)with the nearby nodes.TA uses asymmetric key to realize the unforgeability of exchange identity and pseudonym.The proposed protocol can effectively resist the collusion attack.The exchanged pseudonym also can be used to signature and authentication between trusted nodes.And the group signature is introduced as the identity attribute label.The group signature label ensures the message unforgeable and auditable.The theoretical and efficiency analysis shows that the proposed scheme introduces the white list mechanism for pseudonym.Under this mechanism,the verification efficiency of a single message is improved obviously.At the same time,the white list mechanism can effectively resist the replay attacks using pseudonym.%对比分析基于别名认证和基于群签名认证2种方案,提出一种混合认证方案.构建一个用于相邻节点间互换别名的交换协议,节点向可信权威(TA)申请与附近节点进行交换的密钥.TA利用非对称密钥实现交换双方的交换主体和别名的不可伪造性.该交换协议能够有效抵御合谋攻击,交换后的别名仍可用于可信节点的签名与认证,并引入群签名作为身份属性标签,群签名标签保证了消息的不可伪造性和可审计性.理论和效率分析表明,该方案引入了针对别名的白名单机制,此机制下单个报文的验证效率明显提高,同时可以有效抵御利用别名的回放攻击.
展开▼
