摘要: 提出一个认证密钥交换协议AKE-1。与已有的协议相比,AKE-1效率较高。基于随机预言假设和CDH假设,该协议被证明在eCK07模型下是安全的。AKE-1使用的技术是Cash, Kiltz和Shoup最近提出的陷门测试。基于AKE-1给出一轮的变体(满足只有一个实体在线)和三轮的变体(提供密钥确认属性)以满足不同的应用。
关键词:
认证密钥交换协议,
eCK07模型,
CDH假设,
陷门测试
Abstract: This paper presents an Authenticated Key Exchange(AKE) protocol, named AKE-1. Compared with previous protocols, the proposal is more efficient and proven to be safe in newly enhanced Canetti-Krawczyk(eCK07) model under the random oracle assumption and the Computational Diffie-Hellman(CDH) assumption. It uses a technique named trapdoor test, recently proposed by Cash, Kiltz and Shoup. In addition, it presents a one-pass variant (for only one entity on line) and three-pass variant (providing key confirmation) of AKE-1 for different applications.
Key words:
authenticated key exchange protocol,
enhanced Canetti-Krawczyk(eCK07) model,
Computational Diffie-Hellman(CDH) assumption,
trapdoor test
中图分类号:
卞仕柱;王建东;任勇军;方黎明;夏金月. 强安全高效的认证密钥交换协议[J]. 计算机工程, 2010, 36(7): 136-138,.
BIAN Shi-zhu; WANG Jian-dong; REN Yong-jun; FANG Li-ming; XIA Jin-yue. Strongly-secure and Efficient Authenticated Key Exchange Protocol[J]. Computer Engineering, 2010, 36(7): 136-138,.