摘要
对已泄漏的口令数据进行分析,发现,其在服务器端存储时,通常都是以口令哈希值(如Bcrypt,PBKDF2等)的形式存储.然而哈希算法存在相同的输入对应的输出一定相同的问题.这使得用户口令很容易遭受口令猜测攻击.为了解决这个问题,本文提出了一个基于身份加密的口令保护协议.同时,为了避免单个服务器被攻陷成为恶意服务器,从而威胁口令安全的问题,本文协议采用了双服务器架构.并且,在随机预言机模型下证明了我们的协议是IND-ID-CCA2安全的.性能分析表明,与传统的哈希算法相比,本文使用的公钥加密算法虽然消耗更多计算资源,但是提高了安全性,对于相同的输入,本文算法输出一定不相同.即使攻击者得到了口令密文,也无法像猜测哈希一样实施大规模口令猜测攻击.
According to the analysis of the leaked data,most of the passwords are encrypted with a hash algorithm such as Bcrypt and PBKDF2,because a same input will always result in the same output for a particular hash algorithm.This makes the passwords vulnerable to password guessing attack,especially when the attackers have a large mount of leaked account data.To address this vulnerability,this paper proposes an identity-based password protection scheme.The proposed scheme is dual server based to overcome the weakness of using one server(maybe malicious).The proposed scheme is proved to achieve IND-ID-CCA2 security in the random oracle model.It is shown that the algorithm in this paper is more secure than the traditional hash algorithm.Although the performance analysis shows that the proposed algorithm performs a bit worse than the hash-based algorithm in both computation and communication overhead,however,it has the property that the same input will get different outputs in different executions,which improves the security against password guessing attack.
作者
罗敏
孙艾颖
阴晓光
张栋
何德彪
LUO Min;SUN Ai-Ying;YIN Xiao-Guang;ZHANG Dong;HE De-Biao(School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,China;State Key Laboratory of Cryptology,Beijing 100878,China;State Grid Dalian Electric Power Supply Company,Dalian 116000,China;State Grid Zhengzhou Electric Power Supply Company,Zhengzhou 450000,China)
出处
《密码学报》
CSCD
2020年第6期839-852,共14页
Journal of Cryptologic Research
基金
湖北省科技重大专项重点研发计划(2020AEA013)
国家自然科学基金(61972294,61932016)
湖北省自然科学基金(2020CFA052)
武汉市科技计划(2020010601012187)。
关键词
口令保护
基于身份加密
等值判定
双服务器
password protection
identity-based encryption
equality test
dual-server
