摘要
密钥加密协议的目的是利用安全性低的口令协商安全性高的密钥,进而利用密钥对以后的通信进行加密或身份认证,从而实现安全通信.现有的密钥加密协议大多缺乏安全证明,或者仅在Random Oracle模型下证明了协议的安全性.与Random Oracle模型下的协议相比,标准模型下可证安全的EKE(encrypted key exchange)协议虽然不需要Random Oracle假设,但它们都对参与方的计算能力要求较高,协议规则也更为复杂.从David P.Jablon在“Extended Password Key Exchange Protocols Immune to Dictionary Attacks”一文中提出的协议出发,通过引入服务端的公钥,并利用ElGamal加密和伪随机函数集,将一个Random Oracle模型下可证安全的EKE协议改进为一个标准模型下可证安全的EKE协议,并证明了改进后的协议仍然是安全的.与原始协议相比,改进后的协议只需要DDH(decisional Diffie-Hellman)假设,而不需要理想加密和Random Oracle假设;与其他标准模型下可证安全的协议相比,改进后的协议不需要CCA2(chosen ciphertext attack-2)安全的加密方案,从而不仅可以减少指数计算的次数,而且具有协议规则简单的优点.相对于KOY协议,改进后的协议将指数运算次数降低了73%;相对于Jiang Shao-Quan等人在“Password Based Key Exchange with Mutual Authentication”一文中提出的协议,改进后的协议将指数运算次数降低了55%.
Encrypted key exchange protocol's goal is to establish a high secure key used for further encryption and authentication through a low secure password. Most existing encrypted key exchange protocols either lack security proofs or rely on the Random Oracle model. Compared with those protocols based on the Random Oracle model, provable secure EKE (encrypted key exchange) protocols have heavier computation burden and their descriptions are more complex, although they don't need the Random Oracle model. Through introducing server's public key and applying E1Gamal encryption scheme and pseudorandom function ensemble, a provable secure encrypted key exchange protocol is designed from the protocol proposed by David P. Jablon in the paper of "Extended Password Key Exchange Protocols Immune to Dictionary Attacks", and a proof is presented. Compared with the original protocol, this protocol only needs DDH (decisional Diffie-Hellman) assumption but not ideal encryption and Random Oracle model. Compared with other provable secure encrypted key exchange protocols, because this protocol doesn't need CCA2 (chosen ciphertext attack-2) secure public encryption scheme, it can reduce the number of exponible computations and greatly simplify the protocol's description. Specifically, this protocol reduces 73% of the exponential computations of KOY protocol, and reduces 55% of the exponential computations of the protocol proposed by Jiang Shao-Quan et al. in the paper of "Password Based Key Exchange with Mutual Authentication".
出处
《软件学报》
EI
CSCD
北大核心
2007年第2期422-429,共8页
Journal of Software
基金
国家自然科学基金No.90304013
国家高技术研究发展计划(863)No.2006AA01Z427~~
关键词
加密密钥协商
可证安全
口令
标准模型
encrypted key exchange
provable security
password
standard model