
Provable Secure Encrypted Key Exchange Protocol Under Standard Model

Cited by: 9
Abstract: The goal of an encrypted key exchange (EKE) protocol is to use a low-security password to negotiate a high-security key, which is then used to encrypt or authenticate subsequent communication. Most existing encrypted key exchange protocols either lack security proofs or are proven secure only in the Random Oracle model. Compared with protocols in the Random Oracle model, EKE protocols that are provably secure in the standard model do not need the Random Oracle assumption, but they place a heavier computational burden on the participants and their descriptions are more complex. Starting from the protocol proposed by David P. Jablon in "Extended Password Key Exchange Protocols Immune to Dictionary Attacks", and by introducing the server's public key and applying the ElGamal encryption scheme and a pseudorandom function ensemble, an EKE protocol that is provably secure in the Random Oracle model is turned into one that is provably secure in the standard model, and a proof that the improved protocol remains secure is presented. Compared with the original protocol, the improved protocol needs only the DDH (decisional Diffie-Hellman) assumption, not ideal encryption or the Random Oracle assumption. Compared with other protocols that are provably secure in the standard model, it does not need a CCA2 (chosen ciphertext attack-2) secure public-key encryption scheme, so it reduces the number of exponentiations and has a much simpler description. Specifically, relative to the KOY protocol it reduces the number of exponentiations by 73%, and relative to the protocol proposed by Jiang Shao-Quan et al. in "Password Based Key Exchange with Mutual Authentication" it reduces the number of exponentiations by 55%.
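Authors: 殷胤 (Yin Yin), 李宝 (Li Bao)
Source: Journal of Software (《软件学报》; indexed in EI, CSCD, PKU Core), 2007, No. 2, pp. 422-429 (8 pages)
Funding: National Natural Science Foundation of China No.90304013; National High-Tech Research and Development Program of China (863) No.2006AA01Z427
Keywords: encrypted key exchange; provable security; password; standard model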

References (18)

  • 1. Bellovin SM, Merritt M. Encrypted key exchange: Password-based protocols secure against dictionary attacks. In: Proc. of the 1992 IEEE Computer Society Symp. on Research in Security and Privacy. Oakland: IEEE Computer Society, 1992. 72-84.
  • 2. Bellovin SM, Merritt M. Augmented encrypted key exchange: A password-based protocol secure against dictionary attacks and password file compromise. In: Denning D, ed. ACM Conf. on Computer and Communications Security. New York: ACM Press, 1993. 244-250.
  • 3. Jablon DP. Extended password key exchange protocols immune to dictionary attacks. In: Proc. of the WETICE'97 Workshop on Enterprise Security. Cambridge: IEEE Computer Society, 1997. 248-255.
  • 4. Steiner M, Buhler P, Eirich T, Waidner M. Secure password-based cipher suite for TLS. ACM Trans. on Information and System Security, 2001, 4(2): 134-157.
  • 5. Wu TD. The secure remote password protocol. In: Proc. of the Network and Distributed System Security Symp. NDSS 1998. San Diego: Internet Society, 1998.
  • 6. Bellare M, Pointcheval D, Rogaway P. Authenticated key exchange secure against dictionary attacks. In: Preneel B, ed. Advances in Cryptology-EUROCRYPT 2000. LNCS 1807, Berlin: Springer-Verlag, 2000. 139-155.
  • 7. Bellare M, Rogaway P. Entity authentication and key distribution. In: Stinson DR, ed. Advances in Cryptology-CRYPTO'93. LNCS 773, Berlin: Springer-Verlag, 1993. 232-249.
  • 8. Boyko V, MacKenzie PD, Patel S. Provably secure password-authenticated key exchange using Diffie-Hellman. In: Preneel B, ed. Advances in Cryptology-EUROCRYPT 2000. LNCS 1807, Berlin: Springer-Verlag, 2000. 156-171.
  • 9. Abdalla M, Chevassut O, Pointcheval D. One-time verifier-based encrypted key exchange. In: Vaudenay S, ed. Public Key Cryptography-PKC 2005. LNCS 3386, Berlin: Springer-Verlag, 2005. 47-64.
  • 10. Abdalla M, Pointcheval D. Simple password-based encrypted key exchange protocols. In: Menezes A, ed. Topics in Cryptology-CT-RSA 2005. LNCS 3376, Berlin: Springer-Verlag, 2005. 191-208.
