期刊文献+
共找到2篇文章
< 1 >
每页显示 20 50 100
Multi-Factor Password-Authenticated Key Exchange via Pythia PRF Service 被引量:1
1
作者 Zengpeng Li Jiuru Wang +1 位作者 Chang Choi Wenyin Zhang 《Computers, Materials & Continua》 SCIE EI 2020年第5期663-674,共12页
Multi-factor authentication(MFA)was proposed by Pointcheval et al.[Pointcheval and Zimmer(2008)]to improve the security of single-factor(and two-factor)authentication.As the backbone of multi-factor authentication,bio... Multi-factor authentication(MFA)was proposed by Pointcheval et al.[Pointcheval and Zimmer(2008)]to improve the security of single-factor(and two-factor)authentication.As the backbone of multi-factor authentication,biometric data are widely observed.Especially,how to keep the privacy of biometric at the password database without impairing efficiency is still an open question.Using the vulnerability of encryption(or hash)algorithms,the attacker can still launch offline brute-force attacks on encrypted(or hashed)biometric data.To address the potential risk of biometric disclosure at the password database,in this paper,we propose a novel efficient and secure MFA key exchange(later denoted as MFAKE)protocol leveraging the Pythia PRF service and password-to-random(or PTR)protocol.Armed with the PTR protocol,a master password pwd can be translated by the user into independent pseudorandom passwords(or rwd)for each user account with the help of device(e.g.,smart phone).Meanwhile,using the Pythia PRF service,the password database can avoid leakage of the local user’s password and biometric data.This is the first paper to achieve the password and biometric harden service simultaneously using the PTR protocol and Pythia PRF. 展开更多
关键词 multi-factor authentication key exchange biometric data password-to-random Pythia PRF
下载PDF
An Efficient Two-Party Key Exchange Protocol with Strong Security 被引量:2
2
作者 DENG Shaofeng LI Yifa DENG Yiqun 《Wuhan University Journal of Natural Sciences》 CAS 2010年第3期267-271,共5页
Combined public key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys and avoids the inherent key escrow problem of identity-based cryptography. Based on the efficient CPK sc... Combined public key (CPK) cryptography does not need certificates to guarantee the authenticity of public keys and avoids the inherent key escrow problem of identity-based cryptography. Based on the efficient CPK scheme, we present an efficient three-round two-party authenticated key exchange protocol with strong security, which is provably secure in the standard model under the decisional Diffie-Hellman (DDH) assumption. The protocol can keep the session key secret from the adversary except that one party's ephemeral private key and static private key are all revealed to the adversary. Compared to the existing protocols, this protocol not only assures strong security but also is more efficient. 展开更多
关键词 combined public key (CPK) authenticated key exchange protocol strong security standard model
原文传递
上一页 1 下一页 到第
使用帮助 返回顶部