计算机工程

• 安全技术 • 上一篇    下一篇

UC安全的双向口令认证密钥协商协议

刘 松,果乃福,谢 帆,张 丽,李 淼   

  1. (解放军65012部队,沈阳 110101)
  • 收稿日期:2012-12-03 出版日期:2014-02-15 发布日期:2014-02-13
  • 作者简介:刘 松(1977-),男,工程师、硕士,主研方向:网络安全;果乃福,高级工程师;谢 帆、张 丽,工程师;李 淼,博士研究生

Universally Composable Secure Mutual Password-authenticated Key Exchange Protocol

LIU Song, GUO Nai-fu, XIE Fan, ZHANG Li, LI Miao   

  1. (The 65012 Unit of PLA, Shenyang 110101, China)
  • Received:2012-12-03 Online:2014-02-15 Published:2014-02-13

摘要: 针对多数口令密钥协商(PAKE)协议不具备双向认证功能的问题,基于通用可组合(UC)模型,提出一种UC安全的双向口令认证密钥协商(MPAKE)协议。定义具有双向认证功能的PAKE协议理想函数,描述实体之间的双向认证关系,并利用联合状态UC模型构造实现该理想函数的协议,使协议实体之间可以使用共享参数。该协议基于口令实现了双向认证,并能够协商出会话密钥。通过构造仿真器及其执行的操作分析MPAKE的不可区分性,从而证明该协议是UC安全的,并且结构简单,可保证在任意多方环境中并行运行时的安全。

关键词: 口令认证密钥协商协议, 双向认证, 通用可组合安全, 仿真器, 认证协议, 安全性证明

Abstract: To solve the problem that mutual authentication is lacked in many existing Password-authenticated Key Exchange(PAKE) protocol, this paper proposes an Universally Composable(UC) secure Mutual Password-authenticated Key Exchange(MPAKE) protocol. An ideal function of PAKE protocol with mutual authentication is defined, the mutual authentication between entities is described explicitly in the defined function, and a new protocol which achieves the ideal function is constructed based on the Joint state UC(JUC) model. So the shared parameters can be used to facilitate the protocol between entities. The new protocol can realize mutual authentication based on password and a session key can also be negotiated. The emulator and its operations are constructed, and its indistinguishability is analyzed. Thus the constructed new PAKE protocol with mutual authentication is proved to be UC secure and simple structure, and the security of protocol is realized when running in parallel in any multi-party environment.

Key words: Password-authenticated Key Exchange(PAKE) protocol, mutual authentication, Universally Composable(UC) secure, emulator, authentication protocol, security proof

中图分类号: