摘要
为了满足某些特殊通信服务在跨服务器认证密钥交换时必须由客户直接协商产生会话密钥的要求,该文提出一种新的基于口令的跨服务器认证密钥交换协议。该协议对在线字典攻击的反应灵敏度及发现此类攻击的计算代价和通信代价低;分析结果表明,新协议满足基于口令的认证密钥交换协议的安全性要求。
In order to meet the special requirement in some special communication servers that the ses- sion key needs to be generated directly by the clients themselves who are located in distinct authentica- tion servers, a novel password authenticated key exchange protocol is proposed in this paper. The new protocol is more sensitive to the online password guessing attacks with less computing and communi- cation. The analysis shows that the new protocol meets the security requirements of password authen- ticated key exchange protocols.
出处
《合肥工业大学学报(自然科学版)》
CAS
CSCD
北大核心
2007年第11期1393-1398,共6页
Journal of Hefei University of Technology:Natural Science
基金
安徽省教育厅青年教师基金资助项目(2006jq1011)
合肥工业大学基金资助项目(061105F)
关键词
信息安全
认证
密钥交换
字典攻击
回放攻击
前向安全性
information security
authentication
key exchange
password guessing attack
replay at-tack
perfect forward secrecy