Abstract
Two-party authenticated key agreement is one of the methods to generate session keys. In this paper, the authors analyze a provably secure two-party authenticated key agreement protocol proposed in 2011 by Jianjie Zhao et al. and point out that this protocol is not secure if the adversary can obtain the long-term key of a participant. An improved protocol is then presented; in the new scheme, the parameters that may leak the long-term keys are encrypted. The authors also discuss the security and computational cost of the new scheme. The result shows that the new protocol realizes secure key agreement with lower computational cost.
Source
Journal of Computer Applications (《计算机应用》)
CSCD
Peking University Core Journal (北大核心)
2012, Issue 11, pp. 3147-3148, 3152 (3 pages)
Keywords
cryptography
authentication
key agreement
forward secrecy
provable security