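Abstract: An asymmetric authentication and key exchange scheme, AEAS, based on the basic ECMQV protocol is proposed. It provides password authentication of the client and public-key authentication of the server. Client password authentication in AEAS has the zero-knowledge security property, allows users to use weak passwords, and resists various dictionary attacks and replay attacks. Compared with similar asymmetric authentication and key exchange schemes, AEAS has the lowest public-key computation overhead. The AEAS protocol can be integrated into the existing WTLS protocol framework, yielding a WTLS extension with high security and low computation overhead that fully meets the high security requirements of wireless terminals in enterprise remote access scenarios.
Key words:
Network security; Key exchange scheme; ECMQV; WTLS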
Abstract: An ECMQV-based asymmetric authentication scheme is proposed, which enables client authentication with memorable passwords and server authentication with conventional certificates. The client password authentication has a zero-knowledge-proof security property, which allows the use of weak passwords. Implicit authentication is used to validate the server-side entity, which greatly cuts down client computation overhead. AEAS can be integrated into the current WTLS framework, resulting in a WTLS extension with higher security and lower computation overhead, which meets wireless terminals' high-security requirements in enterprise remote access scenarios.
Key words:
Network security; Key exchange scheme; ECMQV; WTLS
YE Runguo, YU Shuyao, FENG Yanjun, WU Yu. An Authentication and Key Exchange Scheme Suitable for Remote Access Scenarios[J]. Computer Engineering, 2006, 32(6): 22-24.
YE Runguo, YU Shuyao, FENG Yanjun, WU Yu. An Efficient Asymmetric Authentication and Key Exchange Scheme[J]. Computer Engineering, 2006, 32(6): 22-24.