期刊文献+
任意字段
题名或关键词
题名
关键词
文摘
作者
第一作者
机构
刊名
分类号
参考文献
作者简介
基金资助
栏目信息

一种可证安全的两方口令认证密钥交换协议 被引量:3

A Provably Secure Two-party Password-authenticated Key Exchange Protocol
在线阅读 下载PDF
导出
摘要 口令认证的两方密钥交换协议无法抵御口令字典攻击和服务器泄漏伪装攻击。为此,提出一种改进的PAKA-X协议,用户保存自己的口令明文,服务器存储用户口令明文的验证值,由此弥补原协议的安全漏洞。理论分析结果表明,改进协议具有完美前向安全性,能抵抗Denning-Sacco攻击、服务器泄漏攻击、在线和离线字典攻击以及中间人攻击,并且仅需9次指数运算、6次哈希运算和6次异或运算,运行效率较高。 Password-authenticated key exchange protocol can not resist dictionary attack and server compromising attack,so this paper proposes an improved PAKA-X protocol.A user stores his password,while the server stores a verifier for user's password.Analysis result shows that the proposed protocol has perfect forward secrecy,can resist the Denning-Sacco attack,server compromising attack,on-line dictionary attack,off-line dictionary attack and man-in-the-middle attack.And it has only 9 exponentiation computations,6 hash-function computations and 6 exclusive-or computations,so it has reliable efficiency.
作者 项顺伯 彭志平 柯文德
机构地区 广东石油化工学院计算机与电子信息学院
出处 《计算机工程》 CAS CSCD 2013年第1期164-167,共4页 Computer Engineering
基金 广东省自然科学基金资助项目(8152500002000003) 广东高校优秀青年创新人才培育基金资助项目(201180)
关键词 口令认证密钥交换协议 服务器泄漏攻击 字典攻击 Denning-Sacco攻击 前向安全 password-authenticated key exchange protocol server compromising attack dictionary attack Denning-Sacco attack forward secure
分类号 TP309.2 [自动化与计算机技术—计算机系统结构]
  • 相关文献

参考文献10

  • 1Bellovin S M,Merritt M. Encrypted Key Exchange:Password-based Protocols Secure Against Dictionary Attacks[A].Oakland,USA:IEEE Press,1992.72-84.
  • 2Jablon D P. Extended Password Key Exchange Protocols Immune to Dictionary Attack[A].IEEE Press,1997.248-255.
  • 3Boyko V,MacKenzie P,Patel S. Provably Secure Password-authenticated Key Exchange Using Diffie-Hellman[A].Berlin:Springer-Verlag,2000.156-171.
  • 4Lee S W,Kim W H,Kim H S. Efficient Passwordbased Authenticated Key Agreement Protocol[A].[S.1.]:Springer-Verlag,2004.617-626.
  • 5Shim K A,Seo S H. Security Analysis of Password-authenticated Key Agreement Protocols[A].Xiamen,China:[s.n.],2005.49-58.
  • 6Kwon J O,Sakurai K,Lee D H. One-round Protocol for Two-party Verifier-based Password-authenticated Key Exchange[A].Heidelberg:Springer-Verlag,2006.87-96.
  • 7Ma Chunbo,Ao Jun,Li Jianhua. A Novel Verifier-based Authenticated Key Agreement Protocol[A].Heidelberg:Springer-verlag,2007.1044-1050.
  • 8谭示崇,张宁,王育民.新的口令认证密钥协商协议[J].电子科技大学学报,2008,37(1):17-19. 被引量:6
  • 9Chen Yalin,Chou Jue-Sam,Huang Chun-Hui. Improvements on Two Password-based Authentication Protocols[EB/OL].http://eprint.iacr.org/2009/561,2011.
  • 10Yang Junhan,Cao Tianjie. A Verifier-based Password-authenticated Key Exchange Protocol via Elliptic Curves[J].Journal of Computer Information Systems,2011,(02):548-553.

二级参考文献11

  • 1BELLOVIN S, MERRITT M. Encrypted key exchange: password-based protocols secure against dictionary attacks[C]//Proceedings of the IEEE Symposium on Research in Security and Privacy. Oakland: IEEE Computer Society, 1992: 72-84.
  • 2BELLOVIN S, MERRITT M. Augumented encrypted key exchange:a password-based protocol secure against dictionary attacks and password file compromise[C]// Proceedings of CCS'93. New York: ACM Press, 1993: 244-250.
  • 3JABLON D. Strong password-only authenticated key exchange[J]. ACM Computer Communication Review, 1996, 26(5): 5-20.
  • 4BELLARE M, POINTCHEVAL D, ROGAWAY E Authenticated key exchange secure against dictionary attacks[C]//Advances in Cryptology-EUROCRYPT'00. Bruges & Belgium: Springer-Verlag, 2000.
  • 5BOYKO V, MACKENZIE P, PATEL S. Provably-secure password anthentiation and key exchange using Diffie-Hellman[C]//EUROCRYPI2000. Bruges,Belgium: Springer-Verlag,2000.
  • 6KATZ J, OSTROVSKY R, YUNG M. Efficient password- authenticated key exchange using human-memorable passwords[C]//EUROCRYPT 2001. Berlin: Springer-Verlag,2001.
  • 7Raimondo M, Gennaro R. Provably secure thre-shold password-authenticated key exchange[C]//EUROCRYPT 2003. New York: Springer-Verlag, 2003.
  • 8GENNARO R, LINDELL Y. A framework for password- based authenticated key exchange[C]//EUROCRYPT2003. New York: Springer-Verlag. 2003.
  • 9BRESSON E, CHEVASSUT O, POINTCHEVAL D. New security results on encrypted key exchange[C]//PKC2004. Singapore: Springer-Verlag, 2004.
  • 10LEE S W, KIM W H, KIM H S, et at. Efficient password-based authenticated key agreement protocol[C]// ICCSA'04. Perugia: Springer-Verlag, 2004.

共引文献5

同被引文献23

  • 1王继林,伍前红,陈德人,王育民.匿名技术的研究进展[J].通信学报,2005,26(2):112-118. 被引量:17
  • 2崔媛媛 ,周永彬 ,丁金扣 ,温巧燕 .一种具有用户匿名性和前向安全性的WTLS握手协议的安全性分析及其改进[J].高技术通讯,2005,15(4):6-10. 被引量:3
  • 3Bellovin S M,Merritt M. Encrypted Key Exchange:Password-based Protocols Secure Against Dictionary Attacks[A].Oakland,USA:IEEE Press,1992.72-84.
  • 4BELLOVIN S,MERRITT M. Augumented encrypted key exchange:a password-based protocol secure against dictionary attacks and password file compromise[A].New York:acm Press,1993.244-250.
  • 5KA Shim,SH Seo. Security analysis of password-authenticated key agreement protocols[A].Xia men,China,2005.49-58.
  • 6Peter Nose. Security weaknesses of authenticated key agreement proto cols[J].Information Processing Letters,2011,(14):687-696.
  • 7Lee S W,Kim W H,Kim H S. Efficient Password based Authen ticated Key Agreement Protocol[A].Springer-verlag,2004.617-626.
  • 8Shim K A;Seo S H.Security Analysis of Password authenticated Key Agreement Protocols[A]福建厦门,200549-58.
  • 9Ma Chunbo,Ao Jun,Li Jianhua. A Novel Verifier-based Authenticated Key Agreement Protocol[A].Heidelberg:Springer-verlag,2007.1044-1050.
  • 10KWAK D J, HA J, LEE H J C, et al. A WTLS handshake pro- tocol with user anonymity and forward secrecy [J]. Lecture Notes in Computer Science, 2003, 2524: 219-230.

引证文献3

计算机工程
2013年 第1期

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部