目前P2P网络得到了迅猛发展,但由于其本身的结构特点使之面临很多的安全问题。网络安全极大地阻碍了P2P系统的发展。文中在比较传统公钥基础设施(PkI),基于身份的公钥密码系统(Id-PkC)和无证书公钥密码系统(Cl-PkC)各自优缺点的基础上,提出了混合P2P中一种基于Cl-PkC的域内和跨域双向认证和密钥协商协议,并进行了安全性分析。本方案克服了P2P网络中PkI繁琐的证书管理和Id-PkC的密钥托管等问题,提高了双向认证和密钥协商的速度,具有较高的效率,能较好地解决混合P2P网络的安全问题。Now P2P network has been rapidly developed,but it faces a lot of security problems because of the structural characteristics.Network security has greatly hampered the development of P2P systems.Based on the respective analysis of the advantages and disadvantages of the traditional public key infrastructure(PKI),identity-based cryptography(ID-PKC) and certificateless public key cryptography(CL-PKC),proposes one kind of bidirectional authenticated and key agreement protocols in one domain and across multiple domains based on CL-PKC for hybrid P2P network.At last analyses its security.The scheme overcomes the problem of complicated management of PKI certificates and the key escrow of ID-PKC in P2P network.It speeds up the time of bidirectional authenticated and key agreement protocols,proved to be more efficient,and can better solve the security problems in hybrid P2P network.福建省自然科学基金项目(A0410004);厦门大学院士基金(0630-E23011);厦门大学新世纪优秀人才支持基金(0000-X07116
