Abstract:
This paper describes a cross-realm C2C-PAKE protocol. Based on it, it improves the formal model and proposes an improved protocol which is introduced public key mechanism to system security and combined with the high reliability of discrete logarithm. The protocol is simple and is analyzed with semantic security and key confidentiality. It also achieves the mutual authentication between server and client, and it can resist common attacks such as undetected online dictionary attack. Security analysis shows it is safe and effective.
Key words:
cross-realm,
password authentication,
key exchange,
security protocol
摘要: 描述一个跨域口令认证密钥交换协议,在其基础上对跨域C2C-PAKE协议的安全模型进行改进。通过引入公钥密码体制,结合离散对数高可靠等特点,提出改进的跨域口令认证密钥交换协议。该协议步骤简单,具有语义安全性、密钥保密性,实现了服务器与用户之间的双向认证,能对抗不可检测在线字典攻击等常见攻击。安全性分析表明该协议是安全有效的。
关键词:
跨域,
口令认证,
密钥交换,
安全协议
CLC Number:
LIU Wei-Gong, WANG Li-Bin, MA Chang-She. Improved Cross-realm C2C-PAKE Protocol[J]. Computer Engineering, 2010, 36(19): 162-164.
刘卫红, 王立斌, 马昌社. 改进的跨域口令认证密钥交换协议[J]. 计算机工程, 2010, 36(19): 162-164.