摘要： 三方密钥交换协议是双方交换协议的推广，现存的大多数三方密钥交换协议都是用户—用户—服务器模式的，此类协议大多不能抵抗不可检测的口令猜测在线攻击。为此构造一个改进的口令基三方密钥交换协议。该改进协议较为复杂且两用户间需要3轮交换。为提高效率，基于CDH与DDH等基本的密码学假设，提出一个简单的口令基三方密钥交换协议。在AIP模型下证明该协议的安全性。

关键词: 口令基密钥交换协, AIP模型, 不可检测的口令猜测在线攻击, 三方密钥交换协议

Abstract: Three-party Password-Based Key Exchange(PBKE) protocols are extended from two-PBKE protocols for three-party environments. Most existing three-PBKE protocols are designed for the user-user-server architecture, in which each user shares his password with a trusted server. Kim and Choi reveales many three-PBKE protocols’ weakness in resisting undetectable on-line password guessing attack, and proposes an enhanced protocol to resist the described attack. However, it is inefficient and needs three rounds interaction between the two users. This paper presents an efficient construction for three-PBKE, and proves its security in AIP model.

Key words: Password-Based Key Exchange(PBKE), AIP model, undetectable on-line password guessing attack, three-PBKE protocol

中图分类号: 

• TP309