期刊文献+

具有强安全性的三方口令认证密钥交换协议(英文) 被引量:3

The Three-Party Password-Authenticated Key Exchange Protocol with Stronger Security
下载PDF
导出
摘要 大部分口令认证密钥交换(PAKE)协议的设计者忽略了长期密钥泄露可能造成的危害.文中发现仅仅依靠口令的安全性设计可以抵抗口令泄露攻击的三方PAKE协议是不可能的,所以文中采取服务器通过公钥实现认证的方法,设计一个可以抵抗口令泄露攻击的强安全性协议,其在随机预示和理想密码模型下基于ECGDH假设具有前向安全的特性. Most password authenticated key exchange(PAKE)protocol designers ignored the attacks resulting from leakage of long-term secret keys(passwords).The authors find that it is impossible to design a secure three-party PAKE protocol only based on password against password-compromise impersonation(PCI)attack.So the authors assume that the server realizes entity authentication using his public-key,and propose a novel three-party PAKE protocol based on elliptic curve cryptosystem(ECC),which can resist PCI attack.Furthermore, the authors prove that the proposed protocol is forward secrecy under the ECGDH assumption in the random oracle and ideal cipher models.
出处 《计算机学报》 EI CSCD 北大核心 2010年第1期111-118,共8页 Chinese Journal of Computers
基金 国家“八六三”高技术研究发展计划项目基金(2007AA01Z431,SQ2008AA01Z3472853)资助~~
关键词 口令认证密钥交换 椭圆曲线理论 口令泄露攻击 前向安全 可证安全 PAKE ECC PCI attack forward secrecy provable security
  • 相关文献

参考文献1

二级参考文献23

  • 1Bellovin S M,Merritt M.Encrypted key exchange:Password-based protocols secure against dictionary attacks//Proceedings of the 1992 IEEE Computer Society Symposium on Research in security and Privacy.Oakland,California,USA,1992:72-84.
  • 2Boyko V,MacKenzie P,Patel S.Provably secure password authenticated key exchange using diffie-hellman//Proceedings of the 2000 Advances in cryptology (EUROCRYPT'2000).Bruges,Belgium,2000:156-171.
  • 3Bellare M,Pointcheval D,Rogaway P.Authenticated key exchange secure against dictionary attacks//Proceedings of the 2000 Advances in Cryptology (EUROCRYPT' 2000).Bruges,Belgium,2000:139-155.
  • 4Boyko V,MacKenzie P D,Patel S.Provably secure password-authenticated key exchange using Diffie-Hellman//Proceedings of the 2000 Advances in Cryptology(EUROCRYPT'2000).Bruges,Belgium,2000:156-171.
  • 5Bresson E,Chevassut O,Pointcheval D.New security results on encrypted key exchange//Proceedings of the 7th International Workshop on Theory and Practice in Public Key Cryptography(PKC'2004).Singapore,2004:145-158.
  • 6Gennaro R,Lindell Y.A framework for password-based authenticated key exchange//Proceedings of the 2003 Advances in Cryptology (EUROCRYPT' 2003).Warsaw,Poland,2003:524-543.
  • 7Goldreich O,Lindell Y.Session-key generation using human passwords only//Proceedings of the 2001 Advances in Cryptology(CRYPTO'2001).Santa Barbara,California,USA,2001:408-432.
  • 8Abdalla M,Pointcheval D.Simple password-based encrypted key exchange protocols//Proceedings of the 2005 Topics in Cryptology (CT-RSA' 2005).San Francisco,California,USA,2005:191-208.
  • 9Abdalla M,Chevassut O,Pointcheval D.One-time verifierbased encrypted key exchange//Proceedings of the 8th Inter-national Workshop on Theory and Practice in Public Key (PKC'2005).Les Diablerets,Switzerland,2005:4-7-64.
  • 10Gong L,Lomas M,Needham R,Saltzer J.Protecting poorly chosen secrets from guessing attacks.IEEE Journal of Selected Areas Communications,1993,11(5):648-656.

共引文献7

同被引文献22

引证文献3

二级引证文献7

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部