Password-Authenticated Multiple Key Exchange Protocol for Mobile Applications 被引量：2

Password-Authenticated Multiple Key Exchange Protocol for Mobile Applications

下载PDF

导出

摘要 To achieve privacy and authentication sinmltaneously in mobile applications, various Three-party Password-authenticated key exchange （3PAKE） protocols have been proposed. However, some of these protocols are vulnerable to conventional attacks or have low efficiency so that they cannot be applied to mobile applications. In this paper, we proposed a password-authenticated multiple key exchange protocol for mobile applications using elliptic curve cryptosystem. The proposed protocol can achieve efficiency, reliability, flexibility and scalability at the same time. Compared with related works, the proposed protocol is more suitable and practical for mobile applications. To achieve privacy and authentication simultaneously in mobile applications, various Three-party Password-authenticated key exchange (3PAKE) protocols have been proposed. However, some of these protocols are vulnerable to conventional attacks or have low efficiency so that they cannot be applied to mobile applications. In this paper, we proposed a password-authenticated multiple key exchange protocol for mobile applications using elliptic curve cryptosystem. The proposed protocol can achieve efficiency, reliability, flexibility and scalability at the same time. Compared with related works, the proposed protocol is more suitable and practical for mobile applications.

作者 Li Wenmin Wen Qiaoyan Su Qi Zhang Hua Jin Zhengping

机构地区 State Key Laboratory of Networking and Switching Technology

出处《China Communications》 SCIE CSCD 2012年第1期64-72,共9页 中国通信（英文版）

基金 Acknowledgements This work was supported by the National Natural ScienceFoundation of China under Grants No. 60873191, No. 60903152, No. 60821001, and the Beijing Natural Science Foundation under Grant No. 4072020.

关键词 mobile applications key exchange PASSWORD elliptic curve cryptosystem SECURITY 密钥交换协议移动应用密码验证椭圆曲线密码体制身份验证口令认证时间效率可扩展性

分类号 TP393.08 [自动化与计算机技术—计算机应用技术] TN929.5 [电子电信—通信与信息系统]

引文网络
相关文献

参考文献20

1KAARANEN H, AHTIAINEN A, IAITINEN L,et al. UMTS Networks-Architecture, Mobility and Services [M].England:John Wiley Sons, 200!.
2IEEE Standard for Local and Metropolitan Area Networks Part 16: Air Interface for Broadband Wireless Access Sys?terrs [S]. IEEE Std. 802.16-2009 (Revision of IEEE Std. 802. 16-2004),2009, C!.
3Draft STANDARD for Information Technology-Telecormrru?nications and Information Exchange Between Systerrs-Lo?cal and Metropolitan Area Networks-Specific Require?ments-Part II: Wireless IAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications: Amend?ment : Enhancements for Higher Throughput[S]. IEEE Draft Std. P802.lln/D2.00, February 2007.
4SHIEH S, HO F, HUANG Y. An Efficient Authentication Protocol for Mobile Networks [J]. Journal of Information Science and Engineering, 1999, 15: 505-520.
5HWANG R, SU F. A new Efficient Authentication Protocol for Mobile Networks [J]. Computer Standards & Interfaces, 2005,28(2): 241-252.
6LIN C, SUN H, HW ANG T. Three-party Encrypted Key Ex?change: Attacks and A Solution[J]. Operating Systems Re?view, 2000, 34(4): 12-20.
7YEH H, SUN H, HWANG T. Efficient Three-Party Authenti?cation and Key Agreement Protocols Resistant to Pass?word Guessing Attacks [J]. Journal of Information Science and Engineering, 2003,19(6): 1059-1070.
8SUN H, CHEN B, HWANG T. Secure Key Agreement Pro?tocols for Three-Party Against Guessing Attacks [J]. Jour?nal of Systems and Software, 2005, 75(1-2): 63-68.
9CHEN T, LEE W, CHEN H. A Round- and Computation-Ef?ficient Three-Party Authenticated Key Exchange Protocol [J]. Journal of Systems and Software, 2008, 81 (9): 1581-1590.
10YANG J, CHANG C. An Efficient Three-Party Authentica?ted Key Exchange Protocol Using Elliptic Curve Cryptog?raphy for Mobile-Commerce Environments [J]. Journal of Systems and Software, 2009,82(9): 1497-1502.

同被引文献13

1QUENTIN H. Where Apps Meet Work, Secret Data Is at Risk[ N]. New York Times,2013-03-04.
2ENCK W, GILBERT P. TaintDroid: An Information- Flow Tracking System for Realtime Privacy Monitoring on Smartphones [ J ]. ACM Transactions on Computer Systems, 2014 ( 2 ) : 1-29.
3郝建涛.基于双层规划的移动应用商店利益分层研究[D].北京:北京邮电大学,2012:16-17.
4任玉珑,王恒炎,刘贞.环境监管中的合谋博弈分析与防范机制[J].统计与决策,2008,24(17):45-47. 被引量：11
5李钢,宋强.中国互联网低俗内容监管的博弈分析[J].管理评论,2011,23(10):77-82. 被引量：13
6胡学先,张振峰,刘文芬.标准模型下通用可组合的口令认证密钥交换协议[J].软件学报,2011,22(11):2820-2832. 被引量：9
7左伟,潘涌璋.基于博弈论的食品安全监管分析[J].科技管理研究,2011,31(23):32-34. 被引量：10
8马志刚.应用软件商店模式:一个需要法律解释的监管命题[J].世界电信,2012(3):21-24. 被引量：1
9闵栋,刘东明.移动智能终端安全问题及监管策略研究[J].电信网技术,2012(5):13-16. 被引量：7
10杨卫军,秦海权,王鹏.Android移动应用软件检测平台[J].信息网络安全,2012(8):64-66. 被引量：2

引证文献2

1杨丰瑞,刘孟娟,潘泉宏.移动应用安全监管中的合谋博弈分析与建议[J].重庆邮电大学学报（社会科学版）,2016,28(2):102-106. 被引量：4
2Xuexian HU,Jiang ZHANG,Zhenfeng ZHANG,Jing XU.Universally composable anonymous password authenticated key exchange[J].Science China(Information Sciences),2017,60(5):149-164. 被引量：3

二级引证文献7

1杨丰瑞,鲁鑫.移动应用信息安全对移动应用双边平台影响研究[J].现代商贸工业,2017,38(8):177-178.
2万晓榆,龙宇,蒋婷.公众参与、政府监管与移动应用安全治理动态演化研究[J].运筹与管理,2018,27(11):50-60. 被引量：15
3游敏惠,龙宇,万晓榆.基于委托—代理理论的移动应用安全监管激励机制研究[J].重庆邮电大学学报（社会科学版）,2019,31(2):93-100. 被引量：1
4卢安文,何洪阳.互联网信息服务业多元主体监管的演化博弈研究[J].图书馆学研究,2019(2):65-76. 被引量：4
5Junwei ZHANG,Ning LU,Jianfeng MA,Chao YANG.Universally composable secure geographic area verification without pre-shared secret[J].Science China(Information Sciences),2019,62(3):171-185. 被引量：1
6魏春艳,蔡晓秋,王天银,苏琦,秦素娟,高飞,温巧燕.基于量子不经意密钥传输的量子匿名认证密钥交换协议[J].电子与信息学报,2020,42(2):341-347. 被引量：9
7李增鹏,汪定.基于格的口令散列方案[J].中国科学：信息科学,2021,51(8):1375-1390.

1YIN Yifeng GAN Yong WEN Heyu LI Tianbao.A Symmetric Key Exchange Protocol Bsaed on Virtual S-Box[J].China Communications,2014,11(A02):46-52. 被引量：2
2万立夫.让手机自动输入复杂密码[J].电脑迷,2012,0(10S):57-57.
3MAO Shaowu ZHANG Huanguo WU Wanqing LIU Jinhui LI Shuanbao Wang Houzhen.A Resistant Quantum Key Exchange Protocol and Its Corresponding Encryption Scheme[J].China Communications,2014,11(9):124-134. 被引量：11
4刘林森.展望信息化时代的远程医疗[J].信息化建设,2009(9):50-52.
5刘林森.信息化时代的远程医疗[J].上海信息化,2010(1):84-87. 被引量：4
6CAO Chunjie,MA Jianfeng,MOON Sangjae.Provable Efficient Certificateless Group Key Exchange Protocol[J].Wuhan University Journal of Natural Sciences,2007,12(1):41-45. 被引量：8
7杨光.路由器PPPoE拨不上号,该怎么办?[J].计算机与网络,2014,40(11):38-38.
8使用iPhone安全六个提示[J].计算机与网络,2008,0(22):38-39.
9常波.密码:人类智力的终极对决[J].今日科苑,2012(4):41-44.
10刘斌,麦麦饼(图).“运动之星”计划[J].少年发明与创造（小学版）,2012(12):12-13.

China Communications

2012年第1期

浏览历史

内容加载中请稍等...

Password-Authenticated Multiple Key Exchange Protocol for Mobile Applications 被引量：2

参考文献20

同被引文献13

引证文献2

二级引证文献7

相关作者

相关机构

相关主题

浏览历史