| 一种新的双方认证密钥协商协议的安全性分析 |
| |
| 引用本文: | 周四方.一种新的双方认证密钥协商协议的安全性分析[J].计算机应用,2011,31(11):2994-2996. |
| |
| 作者姓名: | 周四方 |
| |
| 作者单位: | 永州职业技术学院 计算机系,湖南 永州 425000 |
| |
| 摘 要: | 2010年,Mohammad等人提出了一种新的双方认证密钥协商协议(MOHAMMAD Z, CHEN Y, HSU C, et al. Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols. IETE Technical Review, 2010,27(3):252-65)。新协议以较高的运算效率实现了参与者双方的身份认证和密钥协商。对该协议的单轮版本进行了安全性分析,通过模拟协议中某些信息丢失后协议双方的通信过程,发现如果协议中的一些秘密信息丢失,敌手可以发起信息泄露伪装攻击、密钥泄露伪装攻击和一般定义下的伪装攻击,也无法抵抗中间人攻击。这些攻击都可以使得敌手冒充合法参与者发起或回应会话。
|
| 关 键 词: | 信息安全 密钥协商 伪装攻击 认证机制 |
| 收稿时间: | 2011-04-08 |
| 修稿时间: | 2011-06-22 |
Analysis and improvement on a new three-party password-based authenticated key agreement protocol |
| |
| ZHOU Si-fang.Analysis and improvement on a new three-party password-based authenticated key agreement protocol[J].journal of Computer Applications,2011,31(11):2994-2996. |
| |
| Authors: | ZHOU Si-fang |
| |
| Affiliation: | Computer Department, Yongzhou Vocational Technology College, Yongzhou Hunan 425000, China |
| |
| Abstract: | In 2010, Z. Mohammad proposed a new two-party authenticated key agreement protocol (MOHAMMAD Z, CHEN Y, HSU C, et al. Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols. IETE Technical Review, 2010,27(3):252-65). This protocol realizes the key agreement with higher computation efficiency. However, the one-round version of this protocol cannot resist on the loss of information impersonation attack, key compromise impersonation attack and general impersonation attack, this protocol is also vulnerable to man-in-the-middle attack if some security information is lost. These security problems allow the adversary can initiate or reply the protocol with legal participants. |
| |
| Keywords: | information security key agreement impersonation attack authentication mechanism |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
|
