对客户到客户的口令认证密钥协商协议的密码分析和改进(英文) 被引量：1

Cryptanalysis and Improvement of Client-to-Client Password Authenticated Key Exchange Protocol

下载PDF

导出

摘要大多数基于口令的密钥协商协议都只考虑如何在客户与服务器之间协商密钥.客户到客户口令认证密钥协商协议考虑如何在两个客户之间协商密钥,而这两个客户只分别与各自的服务器共享口令.在文献[1]中,Jin Wook Byun等提出了两个协议,分别称为跨域C2C-PAKE协议和单服务器C2C-PAKE协议.最近针对这两个协议,提出了一系列攻击和改进方案.在本文中,我们指出跨域C2C-PAKE协议及其所有的改进方案都是不安全的.我们设计了一个新的跨域C2C-PAKE协议.它可以抵抗已知的所有攻击. Most password-based key exchange protocols consider how to exchange a session key between a client and a server. Client-to-Client password authenticated key exchange protocol considers the scenario where two clients want to establish a session key, but they only share their passwords with their own servers. In Ref. [ 1 ], Jin Wook Byun et al proposed two such protocols called cross-realm C2C- PAKE and single-server C2C-PAKE. Recently, some flaws of these two protocols are found and some improvements are suggested. In this paper, we show that the cross-realm C2C-PAKE protocol and its all improved forms are still insecure. And we also present a new cross-realm C2C-PAKE protocol which is resistant to all known attacks.

作者殷胤李宝

机构地区信息安全国家重点实验室(中国科学院研究生院)

出处《中国科学院研究生院学报》 CAS CSCD 2006年第6期793-801,共9页 Journal of the Graduate School of the Chinese Academy of Sciences

基金 the National Natural Science Foundation of China(90304013)

关键词口令密钥协商客户到客户跨域 password, key exchange, client-to-client, cross realm

分类号 TP301 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献15

1Byun JW,Jeong IR,Lee DH,et al.Password-authenticated key exchange between clients with different passwords.In:hfonnation and Communications Security-ICICS 2002,Springer,LNCS,2513:134～146
2Diffie W,Hellman ME.New directions in cryptography.IEEE Transactions on Information Theory,1976,22(6):644～654
3Bellovin SM,Merritt M.Encrypted key exchange:Password-based protocols secure against dictionary attacks.In:Proceedings of the 1992 IEEE Symposium on Security and Privacy,IEEE Computer Society Press,1992,72～84
4Boyko V,MacKenzie PD,Patel S.Provably secure password-authenticated key exchange using diffie-hellman.In:Advances in Cryptology-EUROCRYPT 2000,Springer,LNCS,1807:156～171
5MacKenzie PD.More efficient password-authenticated key exchange.In:Topics in Cryptology-CT-RSA 2001,Springer,LNCS,2020:361～377
6MacKenzie PD.The pak suite:Protocols for password-authenticated key exchange.In:Submission to IEEE P1363.2,2002
7Bellare M,Rogaway P.The autha protocol for password-based authenticated key exchange.In:Contribution to the IEEE P1363 study group,2000
8Bresson E,Chevassut O,Pointcheval D.Security proofs for an efficient password-based key exchange.In:Proceedings of the 10th ACM Conference on Computer and Communications Security-CCS 2003,ACM,2003,241～250
9Bresson E,Chevassut O,Pointcheval D.New security results on encrypted key exchange.In:Public Key Cryptography-PKC 2004,Springer,LNCS,2947:145～158
10Abdalla M,Chevassut O,Pointcheval D.One-time verifier-based encrypted key exchange.In:Public Key Cryptography-PKC 2005,Springer,LNCS,3386:47～64

同被引文献1

1刘洋,王普,李亚芬.一种扩展的基于角色的安全访问控制模型的设计[J].网络安全技术与应用,2008(5):81-82. 被引量：2

引证文献1

1田梓良.TPM计算机平台与可信双向认证方案研究[J].信息与电脑,2015,27(12):132-133.

1夏鹏,刘昌明.一种新的跨域C2C-PAKE协议[J].计算机与数字工程,2011,39(5):92-96.
2胡敏,刘卫红,邬家炜,何丽,王耀明.跨域基于口令认证的密钥交换协议的分析与改进[J].现代计算机,2009,15(2):38-41.
3吴诗举.因陋就简打造高效FTP服务器共享优质资源[J].信息教研周刊,2012(4):105-105.
4王亚林.无服务器共享ADSL宽带详解[J].中小学电教（综合）,2005(1):64-65.
5郑重.电子签名法下的商机与时机[J].互联网周刊,2004(44):202-202.
6张诗梦,李学宝,陈宏朝.基于验证元的多密钥跨域交换协议[J].科学技术与工程,2013,21(30):8950-8954.
7曹天杰,杨珺涵.改进的跨域口令认证密钥交换协议[J].中国矿业大学学报,2010,39(3):443-448. 被引量：1
8向广利,朱平,张俊红,马捷.基于RSA的同态密钥协商[J].计算机工程,2007,33(19):128-129. 被引量：1
9司凤山,徐勇.云计算中的入侵检测模型[J].网络安全技术与应用,2014(9):5-6. 被引量：4
10刘广伟,周恩光,闫虹,周福才.一种改进的跨域口令密钥交换协议[J].东北大学学报（自然科学版）,2009,30(1):42-45. 被引量：6

中国科学院研究生院学报

2006年第6期

浏览历史

内容加载中请稍等...

对客户到客户的口令认证密钥协商协议的密码分析和改进(英文) 被引量：1

参考文献15

同被引文献1

引证文献1

相关作者

相关机构

相关主题

浏览历史