According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. Fir...According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. First, by analyzing the two email protocols, the corresponding man-in-the-middle attacks are proposed, where the adversary forges the messages in the receiving phase to cheat the two communication participants and makes them share the wrong session keys with him. Consequently, the man-in-the-middle attacks can make the two protocols fail to provide perfect forward secrecy. Secondly, by adding corresponding signatures in the receiving phases of the two protocols, two corresponding improvements on the protocols are proposed to overcome the man-in-the-middle attacks on the two protocols and make them provide perfect forward secrecy. Moreover, the two improved protocols can retain all the merits of the former protocols.展开更多
基金The Natural Science Foundation of Jiangsu Province(No.BK2006108)
文摘According to the security shortages of two robust practical email protocols with perfect forward secrecy, attacks on the two protocols are analyzed and corresponding improvements on the two protocols are proposed. First, by analyzing the two email protocols, the corresponding man-in-the-middle attacks are proposed, where the adversary forges the messages in the receiving phase to cheat the two communication participants and makes them share the wrong session keys with him. Consequently, the man-in-the-middle attacks can make the two protocols fail to provide perfect forward secrecy. Secondly, by adding corresponding signatures in the receiving phases of the two protocols, two corresponding improvements on the protocols are proposed to overcome the man-in-the-middle attacks on the two protocols and make them provide perfect forward secrecy. Moreover, the two improved protocols can retain all the merits of the former protocols.
