
Improved Verifier-based Three-party Password-authenticated Key Exchange Protocol

Cited by: 4
Abstract: With the aid of a three-party password-authenticated key exchange (3PAKE) protocol, two users, each of whom shares only a low-entropy password with a trusted server, can securely agree on a common session key with the server's help. Because 3PAKE protocols dramatically reduce the burden of password management when the number of users is very large, they have attracted much attention recently. However, most existing 3PAKE protocols are designed for the scenario in which the server stores each user's plaintext password in its password file, so no protection is provided once the password file is leaked. This study investigates the analysis and design of verifier-based 3PAKE protocols, in which the server holds a verifier corresponding to the user's password rather than the plaintext password. First, it is shown that a recently proposed verifier-based 3PAKE protocol is vulnerable to an off-line dictionary attack and therefore does not achieve its claimed security. Then, based on an analysis of the design flaws in the existing protocol, a new verifier-based 3PAKE protocol is proposed and its security is proved in the standard model. Comparisons with existing protocols show that the new protocol provides higher security while retaining acceptable computation and communication efficiency.
Authors: ZHANG Qi-Hui (张启慧); HU Xue-Xian (胡学先); LIU Wen-Fen (刘文芬); WEI Jiang-Hong (魏江宏) (PLA Strategic Support Force Information Engineering University, Zhengzhou 450001, China; School of Computer Science and Information Security, Guilin University of Electronic Technology, Guilin 541004, China)
Source: Journal of Software (《软件学报》), indexed in EI, CSCD and the Peking University Core Journals list; 2020, No. 10, pp. 3238-3250 (13 pages)
Funding: National Natural Science Foundation of China (61502527, 61702549, 61862011); research project of the Guangxi Key Laboratory of Cryptography and Information Security (GCIS201704).
Keywords: key exchange protocol; password authentication; verifier-based; off-line dictionary attack; standard model