Abstract: The tripartite key agreement protocol is more efficient than traditional schemes, but it provides no authentication and is vulnerable to man-in-the-middle attacks. This paper extends the protocol to the multi-party setting and proposes two new ID-based key agreement schemes. The signature used to provide authentication is a short signature, so the authentication process is efficient. A password evolution mechanism is introduced to improve security. The new schemes have security properties including equal contribution, no key control, known-key security, and resistance to man-in-the-middle attacks.
Key words: authentication, key agreement, bilinear pairing, password evolution
ZHAO Ting; WANG Xiao-feng; WANG Shang-ping; WU Xiao-feng; GUO Hu. ID-based Authenticated Multi-party Key Agreement Scheme[J]. Computer Engineering, 2008, 34(6): 164-166.