摘要
针对智能卡登录系统中远程身份认证和密钥交换问题,提出一种具有通用可组合安全的基于口令的匿名认证密钥交换协议——πpAKE.该协议采用匿名技术进行登录认证及信息存储管理,使用Diffie-Hellman(DH)算法实现数据交换,同时生成临时会话密钥.由此节省了登录的运算开销,且协议具有前向安全性.研究从形式化论证角度出发,利用通用可组合安全认证理想函数FAUTH模型和密钥交换理想函数FKE模型,构建πpAKE的通用可组合安全模型,并在此模型下,对πpAKE安全性进行论证,结果表明,该协议具有通用可组合的安全性能.
Focusing on remote entity authentication and key exchange with smart cards,this paper proposed a password-based anonymous authentication key exchange protocol with universally composabe security——πpAKE.In this protocol the anonymous technology was used for login,authentication and management of information storage.Diffie-Hellman(DH)algorithm was in troduced to realize the data exchange and generates the session key so as to reduce the computational cost when login.The protocol has forward security.For the purpose of formalization,this paper established an universally-composable security model for πpAKE based on the model of ideal function for authentication FAUTH and key exchange FKE,and demonstrated the security of πpAKE under the model.The verification results have demonstrated the universally composable security of this sprotocol.
出处
《深圳大学学报(理工版)》
EI
CAS
北大核心
2010年第4期402-407,共6页
Journal of Shenzhen University(Science and Engineering)
基金
国家自然科学基金资助项目(61071038)
广东省自然科学基金资助项目(9151027501000076)~~
关键词
通信技术
信息安全
远程身份认证
密钥交换协议
会话密钥
通用可组合安全
口令认证
communication technology
information security
remote entity authentication
key exchange
session key
universally composable security
password authentication
