摘要
Ad Hoc网是一种不依赖于任何固定基础设施、没有中心控制节点、计算资源受限的新型无线移动网络.最近王晓峰等学者提出了一个新的适用于Ad Hoc网的具有口令认证和共享口令进化的多方密钥协商协议,并认为他们的协议是安全而高效的.然而我们发现这一协议存在严重的安全缺陷:不能抵抗离线口令猜测攻击和伪造攻击;不能提供前向安全性和后向安全性;不能动态更新群组成员的密钥.
As a new type of wireless mobile networks, Ad Hoc networks do not depend on any fixed infrastructure, and have no centralized control unit and so its computation capabilities are limited by mobile nodes. Recently, Wang, et al. proposed a novel multi-party key agreement protocol with password authentication and sharing password evolvement for Ad Hoc networks and claimed their protocol secure and efficient. However, the research shows the protocol is insecure against off-line password guessing attack and forgery attack. We also point out that the protocol does not meet forward security, backward security and dynamic key evolvement.
出处
《中国科学院研究生院学报》
CAS
CSCD
2008年第5期611-614,共4页
Journal of the Graduate School of the Chinese Academy of Sciences
基金
国家自然科学基金项目(90604018,60673083,90604010)
中国科学院研究生院院长基金(O55001H)资助
关键词
AD
HOC网
密钥协商
安全分析
Ad hoc network, key agreement, security analysis