期刊文献+

基于口令的跨服务器认证密钥交换协议研究 被引量:2

Password authenticated key exchange protocol under distinct authentication servers
下载PDF
导出
摘要 为了满足某些特殊通信服务在跨服务器认证密钥交换时必须由客户直接协商产生会话密钥的要求,该文提出一种新的基于口令的跨服务器认证密钥交换协议。该协议对在线字典攻击的反应灵敏度及发现此类攻击的计算代价和通信代价低;分析结果表明,新协议满足基于口令的认证密钥交换协议的安全性要求。 In order to meet the special requirement in some special communication servers that the ses- sion key needs to be generated directly by the clients themselves who are located in distinct authentica- tion servers, a novel password authenticated key exchange protocol is proposed in this paper. The new protocol is more sensitive to the online password guessing attacks with less computing and communi- cation. The analysis shows that the new protocol meets the security requirements of password authen- ticated key exchange protocols.
出处 《合肥工业大学学报(自然科学版)》 CAS CSCD 北大核心 2007年第11期1393-1398,共6页 Journal of Hefei University of Technology:Natural Science
基金 安徽省教育厅青年教师基金资助项目(2006jq1011) 合肥工业大学基金资助项目(061105F)
关键词 信息安全 认证 密钥交换 字典攻击 回放攻击 前向安全性 information security authentication key exchange password guessing attack replay at-tack perfect forward secrecy
  • 相关文献

参考文献11

  • 1Menezes A, Oorschot P C, Vanstone S A.应用密码学手册[M].胡磊,王鹏,译,北京:电子工业出版社,2005:508-514.
  • 2Bellovin S M, Merritt M. Encrypted key exchange: password-based protocols secure against dictionary attacks [C]//Proceedings of the IEEE Symposium on Security and Privacy. Oakland, California: IEEE Computer Press, 1992:72--84.
  • 3Yoon E J, Yoo K Y. New authentication scheme based on a one-way hash function and Diffie-Hellman key exchange [C]//LNCS Proceeding of Cryptology and Network Security- 4th International Conference. Heidelberg: Springer Verlag, 2005 : 147-- 160.
  • 4KimW H, Kim H S, Lee SW,et al. Password based Authenticated key exchange protocol[C]//Proceeding of the International Conference on Artificial Intelligence and Soft Computing. Banff, Canada: Int Assoc of Science and Technology for Development, 2003:111 -- 116.
  • 5卓继亮,李先贤,李建欣,怀进鹏.安全协议的攻击分类及其安全性评估[J].计算机研究与发展,2005,42(7):1100-1107. 被引量:16
  • 6Gong L, Lomas M, Needham R, et al. Protecting poorly chosen secrets from guessing attacks[J]. IEEE J Selected Areas Commun, 1993,11 (5) : 648-- 656.
  • 7Yeh T H, Sun H M. Password authenticated key exchange protocols under distinct authentication servers[J]. Computers and Electrical Engineering, 2005, 31 (3) : 175-- 189.
  • 8李莉,薛锐,张焕国,冯登国,王丽娜.基于口令认证的密钥交换协议的安全性分析[J].电子学报,2005,33(1):166-170. 被引量:15
  • 9于宝证 徐枞巍.对一种密钥交换协议的密码分析.计算机科学,2006,33(7):309-310.
  • 10汪伦伟,廖湘科,王怀民.认证可信度理论研究[J].计算机研究与发展,2005,42(3):501-506. 被引量:8

二级参考文献56

  • 1Chun-Li Lin, Hung-Min Sun, Tzonelih Hwang. Three-party encrypted key exchange: attacks and a solution [J]. ACM Operating Systems Review, 2000,34(4):12 - 20.
  • 2Chun-Li Lin, Hung-Min Sun, Michael Steiner and Tzonelih Hwang.Thrree-party eacrypted key exchange without server public-keys[J]. IEEE Communications Letters,2001,5(12) :497- 499.
  • 3D P Jablon. Strong password-only authenticated key exchange [J].SIGCOMM Computer Communication Review, 1996,26(5) :5 - 26.
  • 4S Lucks. Open key exchange: how to defeat dictionary attacks without encrypting public keys[A]. Proceedings of the Workshop on Security Protocols[C]. Ecole Normale Superieure, 1997.
  • 5T Wu. A real world analysis of Kerberos password security [A]. In NDSS'99.
  • 6S Halevi, H Krawczyk. Public-key cryptography and password protocols[A]. ACM Transaction on Information and System Security [C]. New York, USA,ACM Press, 1999,2(3) :230 - 268.
  • 7M Bellare, D Pointcheval, P Rogaway. Authenticated key exchange secure against Dictionary Attacks [A]. Advances in Cryptology-Eurocrypt' 00 [C]. LNCS 1807, B Preneel ed., Springer-Verlag,2000.
  • 8V Boyko, P Mackenzie and S Patel. Provably secure password authenticated key exchange using diflie hellmau [A]. Proceedings of Advances in Cryptology-Ettrocrypt 2000 [ C ]. LNCS 1807, 2000. 156- 171.
  • 9G Lowe. Analysing protocols subject to guessing attacks[A]. Workshop on Issues in the Theory of Security(WTIS'02) [C] .January 2002.
  • 10F J Thayer Fabrega, J C Herzog, J D Guttman. Strand space: why is a security protocol correct[A]. IEEE Computer Symposium on Security and Privacy[C]. 1998.

共引文献38

同被引文献6

  • 1黄宇红.基于蜂窝系统的IMS-融合电信领域的VoIP演进[M].北京:机械工业出版社,2009.
  • 2张同须.3GIP多媒体子系统IMS-融合移动与因特网[M].北京:人民邮电出版社,2006.
  • 33GPP TR 33.802. Feasibility study on IMS Security Extensions (Release 7)[S]. 2005.
  • 4YEH H T, SUN H M. Password authenticated key exchange protocols among diverse network domains[J]. Computers and Electrical Engineering, 2005(31): 175- 189.
  • 5覃东,曾红亮.基于SSL的客户端认证策略研究[J].计算机工程与设计,2008,29(2):312-314. 被引量:10
  • 6任桃,谢冬青.基于SSL协议访问控制机制的分析与研究[J].微计算机信息,2009(9):59-61. 被引量:3

引证文献2

二级引证文献3

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部