共查询到18条相似文献,搜索用时 140 毫秒
1.
2.
3.
文章提出一种新的基于离散对数的单/多密钥交换协议.本协议具有身份认证功能,可以避免DiffieHellman协议中存在的漏洞--中间人攻击,而且它不使用散列函数,即可进行单密钥交换又可进行多密钥交换.与基于离散对数签名方案的变体的那一类密钥交换协议[7,8]相比,本协议具有一定程度的隐私性. 相似文献
4.
5.
6.
针对物联网移动RFID系统标签隐私信息的访问控制以及用户身份隐私保护问题,本文采用身份加密和属性加密相结合的方法,建立了IB-AB-eCK安全模型,设计了基于身份及属性的认证密钥交换协议IB-AB-AKE。基于IB-AB-AKE协议,提出了移动RFID手机与信息服务器之间认证密钥交换协议,实现了在保护移动RFID手机用户身份隐私的同时,根据标签所有者定制的访问控制策略进行标签信息的访问控制认证和会话密钥交换,防止了隐私信息被非法访问。分析表明,IB-AB-AKE协议在IB-AB-eCK模型下是安全的,且在通信次数、通信量及计算量方面具有优势。 相似文献
7.
8.
9.
10.
安全的认证密钥协商协议研究 总被引:1,自引:0,他引:1
对基于证书的密钥协商协议的设计与分析进行了比较深入的研究,研究内容包括:可证明安全的基于证书的密钥协商协议以及一种新的可认证密钥协商协议。主要研究成果有:介绍了密钥协商协议的概念和安全特性;提出一个新的认证密钥交换协议AKE-1。AKE-1效率较高,并且在最新的eCK07模型下是安全的,证明基于随机预言假设和CDH假设。另外,基于AKE-1,提出一轮的变体(满足只有一个实体在线)和三轮的变体(提供密钥确认属性),以满足不同的应用。 相似文献
11.
12.
Within the framework of universal composability, an appropriate ideal functionality that captures the basic security requirements of three party password-based key exchange was defined. An efficient real-word three party password-based key exchange protocol was also proposed. This protocol securely realizes the ideal functionality with respect to static party corruption. Thus it provides security guarantees under arbitrary composition with other protocols. 相似文献
13.
Canetti and Herzog have already proposed universally composable symbolic analysis (UCSA) to analyze mutual authentication and key exchange protocols. However, they do not analyze group key exchange protocol. Therefore, this paper explores an approach to analyze group key exchange protocols, which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt (BD) protocol with three participants against passive adversary (3-BD-Passive). In a nutshell, our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography. 相似文献
14.
提出了一个高效的无证书盲签名方案。在随机预言机模型下,证明了新方案在适应性选择消息、选择身份攻击下是存在不可伪造的,能够有效抵抗AI攻击者的替换公钥攻击和AⅡ攻击者的KGC攻击。方案中在签名阶段没有任何双线性对运算,在验证阶段只有一个双线性对运算,并且不需要使用映射到点(Mapto Point)的特殊哈希函数。与已有方案相比,所提方案在计算量上更具优势。同时方案采用无证书公钥密码体制,解决了基于证书签名方案的证书管理问题和基于身份签名方案的密钥托管问题。 相似文献
15.
16.
Hao proposed the YAK as a robust key agreement based on public‐key authentication, and the author claimed that the YAK protocol withstands all known attacks and therefore is secure against an extremely strong adversary. However, Toorani showed the security flaws in the YAK protocol. This paper shows that the YAK protocol cannot withstand the known key security attack, and its consequences lead us to introduce a new key compromise impersonation attack, where an adversary is allowed to reveal both the shared static secret key between two‐party participation and the ephemeral private key of the initiator party in order to mount this attack. In addition, we present a new security model that covers these attacks against an extremely strong adversary. Moreover, we propose an improved YAK protocol to remedy these attacks and the previous attacks mentioned by Toorani on the YAK protocol, and the proposed protocol uses a verification mechanism in its block design that provides entity authentication and key confirmation. Meanwhile, we show that the proposed protocol is secure in the proposed formal security model under the gap Diffie‐Hellman assumption and the random oracle assumption. Moreover, we verify the security of the proposed protocol and YAK protocol by using an automatic verification method such as the Scyther tool, and the verification result shows that the security claims of the proposed protocol are proven, in contrast to those of the YAK protocol, which are not proven. The security and performance comparisons show that the improved YAK protocol outperforms previous related protocols. 相似文献
17.
Universally composable three‐party password‐authenticated key exchange with contributiveness 下载免费PDF全文
Xuexian Hu Zhenfeng Zhang Qihui Zhang 《International Journal of Communication Systems》2015,28(6):1100-1111
Three‐party password‐authenticated key exchange (3PAKE) allows two clients, each sharing a password with a trusted server, to establish a session key with the help of the server. It is a quite practical mechanism for establishing secure channels in a large communication network. However, most current 3PAKE protocols are analyzed in security models that do not adequately address protocol composition problem. In this paper, an ideal functionality for 3PAKE within the universal composability framework is defined, which not only provides security guarantees under arbitrary composition with other protocols but also achieves contributiveness and explicit authentication. Moreover, we propose a generic construction of contributory 3PAKE protocol and prove that it securely realizes the ideal functionality in the static corruption model. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献