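Abstract: An authenticated group key agreement protocol generates a shared session key for the users of a group, enabling them to communicate securely over a public data network. This paper analyzes the key agreement protocol of Abdalla et al. and proves that it cannot resist an impersonation attack: once the left and right neighbors of a user have obtained a transcript of a group key exchange protocol run with that user, they can impersonate that user in a run of the protocol with other group members, producing a new shared session key without being detected by the other members of the group. An improvement addressing this shortcoming of the protocol compiler is also given.
Keywords:
group key agreement protocol,
impersonation attack,
protocol compiler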
Abstract: An Authenticated Group Key Agreement (AGKA) protocol allows a group of users in a public network to share a session key, which can be used to achieve secure communication. The protocol compiler proposed by Abdalla et al. transforms any provably secure authenticated 2-party key establishment into a provably secure AGKE with two more rounds of communication. This paper points out an impersonation attack against the protocol compiler in which two malicious users can impersonate an entity and agree on session keys in a new group, provided these two malicious users hold the entity's previous commitment transcripts. An improvement that eliminates this security weakness is proposed.
Key words:
Authenticated Group Key Agreement (AGKA) protocol,
impersonation attack,
protocol compiler
LI Guo-min (李国民); HE Da-ke (何大可). Analysis and Improvement of Authenticated Group Key Agreement Protocol Compiler[J]. Computer Engineering (计算机工程), 2009, 35(7): 156-157.