摘要： 传统的密钥交换协议一般只考虑到通信过程的安全性，忽略了服务器端的安全性。一旦服务器被攻陷，则所有用户的口令信息都将被窃取，攻击者就可以冒充合法用户登录系统。目前有一些协议运用零知识证明的方法来解决该问题，但都需要较大的计算量。一种基于动态口令验证因子认证的密钥交换协议(DV-AKE)被提出，其服务器的口令验证因子是动态变化的，使用了轻量的散列函数来实现零知识证明，尤其适合于轻量的客户端和有大量用户同时连接服务器的应用场景。

关键词: 认证；密钥交换协议；动态口令验证因子

Abstract: Traditional design of authenticated key exchange protocol considers communication security, but seldom takes into account the security threat of server compromises. Whenever an authentication server is captured, the intruder can immediately masquerade as legitimate users to successfully log into the system. Although some zero-knowledge-proof methods were designed to relieve this threat, their computation is relatively high due to computationally heavy modular exponentiations employed. A dynamic-verifier based authenticated key exchange protocol is proposed,where the server stores a dynamically changing password-verifier and no password leakage would occur even when the server’s verifier database is stolen. DV-AKE is especially useful for applications where lightweight client is required or lower server computational load is preferred

Key words: Authentication; Key exchange protocol; Dynamic-verifier