A Two-Party Password-Authenticated Key Exchange Protocol with Verifier

A Two-Party Password-Authenticated Key Exchange Protocol with Verifier

下载PDF

导出

摘要 To tackle with the security lack in the password-authenticated key exchange protocol, this paper proposes a two-party password-authenticated key exchange protocol based on a verifier. In the proposed protocol, a user stores his password in plaintext, and the server stores a verifier for the user’s password, using DL difficult problem and DH difficult problem, through the session between user and server to establish a session key. The security discussion result shows that the proposed protocol provides forward secrecy, and can effectively defend against server compromising fake attacks, dictionary attacks and middleman attacks. Protocol efficiency comparisons reveal our protocol is more reasonable. To tackle with the security lack in the password-authenticated key exchange protocol, this paper proposes a two-party password-authenticated key exchange protocol based on a verifier. In the proposed protocol, a user stores his password in plaintext, and the server stores a verifier for the user’s password, using DL difficult problem and DH difficult problem, through the session between user and server to establish a session key. The security discussion result shows that the proposed protocol provides forward secrecy, and can effectively defend against server compromising fake attacks, dictionary attacks and middleman attacks. Protocol efficiency comparisons reveal our protocol is more reasonable.

作者 Shunbo Xiang Bing Xu Ke Chen Shunbo Xiang;Bing Xu;Ke Chen(School of Computer, Guangdong University of Petrochemical Technology, Maoming, China)

机构地区 School of Computer

出处《Journal of Computer and Communications》 2021年第4期102-109,共8页 电脑和通信（英文）

关键词 VERIFIER Password-Authenticated Key Exchange Fake Attack Dictionary Attack Session Key Verifier Password-Authenticated Key Exchange Fake Attack Dictionary Attack Session Key

分类号 TP3 [自动化与计算机技术—计算机科学与技术]

引文网络
相关文献

参考文献3

1胡学先,刘文芬,张振峰.对两个口令认证密钥交换协议的安全性分析[J].计算机工程与应用,2010,46(18):18-20. 被引量：4
2舒剑,许春香.标准模型下高效的基于口令认证密钥协商协议[J].电子与信息学报,2009,31(11):2716-2719. 被引量：9
3谭示崇,张宁,王育民.新的口令认证密钥协商协议[J].电子科技大学学报,2008,37(1):17-19. 被引量：6

二级参考文献34

1殷胤,李宝.标准模型下可证安全的加密密钥协商协议[J].软件学报,2007,18(2):422-429. 被引量：9
2FENG DengGuo CHEN WeiDong.Modular approach to the design and analysis of password-based security protocols[J].Science in China(Series F),2007,50(3):381-398. 被引量：4
3Bellovin S and Merritt M. Encrypted key exchange: password-based protocol secure against dictionary attacks[C]. Proceedings of the 1992 Conference IEEE computer society symp. on Research in security and privacy, Oakland, USA, 1992: 72-84.
4Bellare M, Pointcheval D, and Rogaway P. Authenticated key exchange secure against dictionary attacks[C]. Proceedings of EUROCRYPT 2000, Bruges, Belgium, LNCS 1807: 139-155.
5Abdalla M, Chevassut O, and Pointcheval D. One-time verifier-based encrypted key exchange[C]. Proceedings of PKC 2005, Les Diablerets, Switzerland, LNCS 3386: 47-64.
6Abdalla M and Pointcheval D, Simple password-based encrypted key exchange protocols[C]. Proceedings of CT-RSA 2005, San Francisco, USA, LNCS 3376: 191-208.
7Shao Jun, Cao Zhen fu, and Wang Li cheng. Efficient password-based authenticated key exchange without Public information[C]. Proceedings of ESORICS 2007, Dresden, Germany, LNCS 4734: 299-310.
8Katz J, Ostrovsky R, and Yung M. Efficient password-authentication key exchange using human- memorable passwords[C]. Proceedings of EUROCRYPT 2001 Innsbruck, Austria, LNCS 2045: 475-494.
9Jiang S Q and Gong G. Password based key exchange with mutual authentication[C]. Proceedings of SAC 2004, Nicosia, Cyprus, LNCS 3357: 267-279.
10Boyd C,Mathuria A.Protocols for authentication and key establishment[M].Berlin : Springer-Verlag, 2003 : 247-266.

共引文献13

1常竞,温翔.一种口令认证密钥交换协议的分析与改进[J].企业导报,2013(22):189-190.
2朱辉,李晖,庞辽军,王育民.新的可证明安全的快速认证协议[J].电子科技大学学报,2009,38(1):55-58. 被引量：1
3舒剑,许春香.高效的口令基认证组密钥协商协议[J].电子科技大学学报,2009,38(3):393-396.
4胡学先,刘文芬,张振峰.对两个口令认证密钥交换协议的安全性分析[J].计算机工程与应用,2010,46(18):18-20. 被引量：4
5项顺伯,彭志平,柯文德.一种可证安全的两方口令认证密钥交换协议[J].计算机工程,2013,39(1):164-167. 被引量：3
6李丽琳,刘柱文.认证密钥协商协议的研究与分析[J].计算机安全,2013(4):43-46. 被引量：1
7项顺伯,彭志平.两轮的口令认证的两方密钥交换协议[J].计算机应用与软件,2013,30(6):175-177.
8项顺伯,赵晶英,陈英俊.可口令认证的两方密钥交换协议之安全性改进[J].微型电脑应用,2014,30(6):7-9.
9项顺伯,赵晶英,柯文德.采用阈下信道的两方口令认证密钥交换协议[J].华侨大学学报（自然科学版）,2014,35(6):665-668.
10项顺伯.基于验证值的两方口令认证密钥交换协议[J].广东石油化工学院学报,2015,25(3):35-37.

1Zhao Zongqu,Ma Shaoti,Wang Yongjun,Tang Yongli,Ye Qing.Two-factor ( biometric and password) authentication key exchange on lattice based on key consensus[J].The Journal of China Universities of Posts and Telecommunications,2020,27(6):42-53. 被引量：2
2Lu ZHOU,Chunpeng GE,Chunhua SU.A privacy preserving two-factor authentication protocol for the Bitcoin SPV nodes[J].Science China(Information Sciences),2020,63(3):30-44. 被引量：1
3E CHEN,Yan ZHU,Changlu LIN,Kewei LV.Zero-pole cancellation for identity-based aggregators:a constant-size designated verifier-set signature[J].Frontiers of Computer Science,2020,14(4):197-210.
4Eman Alharbi,Noha Alsulami,Omar Batarfi.An Enhanced Dragonfly Key Exchange Protocol against Offline Dictionary Attack[J].Journal of Information Security,2015,6(2):69-81.
5董建阔,郑昉昱,林璟锵.基于GPU的X25519/448密钥协商算法的高速实现[J].信息安全学报,2020,5(6):60-74. 被引量：1
6Yongzhong HE,Endalew Elsabeth ALEM,Wei WANG.Hybritus:a password strength checker by ensemble learning from the query feedbacks of websites[J].Frontiers of Computer Science,2020,14(3):189-202. 被引量：1
7Marcello Pinti,Diana Ferraro,Milena Nasi.Microglia activation:a role for mitochondrial DNA?[J].Neural Regeneration Research,2021,16(12):2393-2394. 被引量：3
8Yanyan Liu,Daode Zhang,Yi Deng,Bao Li.(Identity-based)dual receiver encryption from lattice-based programmable hash functions with high min-entropy[J].Cybersecurity,2018,1(1):559-573.
9王华,毛凤明.GDSN商品主数据在商品数字化管理中的应用[J].中国自动识别技术,2021(2):70-74. 被引量：1
10Jiaxin Liu,Yicheng Cheng,Ming Zheng,Bingxiao Yuan,Zimu Wang,Xinying Li,Jie Yin,Mingxiang Ye,Yong Song.Targeting the ubiquitination/deubiquitination process to regulate immune checkpoint pathways[J].Signal Transduction and Targeted Therapy,2021,6(2):425-435. 被引量：7

Journal of Computer and Communications

2021年第4期

浏览历史

内容加载中请稍等...

A Two-Party Password-Authenticated Key Exchange Protocol with Verifier

参考文献3

二级参考文献34

共引文献13

相关作者

相关机构

相关主题

浏览历史