Abstract:
Most three-party authentication key exchange protocols are not security enough, and can not resist the undetectable online dictionary attack. Aiming at these problems, this paper proposes a three-party authentication key exchange protocol based on password. It analyses the vulnerability of the simple three-party authentication key exchange protocol, and proposes an improved security new protocol. Analysis result shows that, compared with the simple 3PAKE and the other protocols, the execution efficiency on calculation of the new protocol is better.
Key words:
password,
public-key encryption,
key exchange protocol,
undetectable online dictionary attack,
Computational Diffie-Hellman(CDH) assumption
摘要: 传统的三方认证密钥交换协议不具备前向安全性,难以抵抗不可察觉在线字典攻击。为此,研究简单三方口令认证密钥交换协议,分析其存在的安全漏洞并加以改进,提出一种基于口令的三方认证密钥交换协议。分析结果表明,与其他协议相比,该协议的执行效率和安全性较高。
关键词:
mso-ascii-font-family: 'Times New Roman',
mso-bidi-font-size: 8.0pt">口令,
公钥加密,
密钥交换协议,
不可察觉在线字典攻击,
可计算Diffie-Hellmanmso-ascii-font-family: 'Times New Roman',
mso-bidi-font-size: 8.0pt">假设
CLC Number:
WANG Meng-Hui, WANG Jian-Dong. Three-party Authentication Key Exchange Protocol Based on Password[J]. Computer Engineering, 2012, 38(2): 146-147.
王明辉, 王建东. 基于口令的三方认证密钥交换协议[J]. 计算机工程, 2012, 38(2): 146-147.