| 具有可信第三方的认证协议的安全性 |
| |
| 引用本文: | 卓继亮,蔺慧丽,李先贤.具有可信第三方的认证协议的安全性[J].计算机应用研究,2004,21(12):109-112. |
| |
| 作者姓名: | 卓继亮 蔺慧丽 李先贤 |
| |
| 作者单位: | 北京航空航天大学,计算机学院,北京,100083 |
| |
| 基金项目: | 国防基础科研计划项目(J1300B005);国家“863”计划资助项目(2003AA144150) |
| |
| 摘 要: | 讨论了面向通过可信第三方完成对等双方的身份认证并建立一个安全的会话密钥需求的一类认证协议。分析了这类协议的设计目标,将协议的安全性归纳为对协议中所建立会话密钥的四点需求:保密性、真实性、新鲜性和一致性, 并进一步通过实例说明了不满足这些需求的协议可能遭受到的攻击。最后给出对于设计这类协议的一些建议原则,并分析了一个设计较好的协议范例。
|
| 关 键 词: | 身份认证 密钥交换 可信第三方 安全协议 |
| 文章编号: | 1001-3695(2004)12-0109-04 |
| 修稿时间: | 2004年1月8日 |
Security of Authentication Protocols Involving Trusted Third Party |
| |
| ZHUO Ji-liang,LIN Hui-li,LI Xian-xian.Security of Authentication Protocols Involving Trusted Third Party[J].Application Research of Computers,2004,21(12):109-112. |
| |
| Authors: | ZHUO Ji-liang LIN Hui-li LI Xian-xian |
| |
| Affiliation: | (School of Computer Science & Engineering, Beihang University, Beijing 100083, China) |
| |
| Abstract: | One class of authentication protocols oriented such a requirement which authenticates mutually and establishes a session key between the peer-to-peer entities through the trusted third party are discussed. The design goals of this class of protocols are analyzed,and the security of protocols is formulated to four requirements for the session keys established from the protocols, which are secrecy, reality, freshness and consistency. Several examples are put out to elaborate the possible attacks on the protocols which are not meeting these requirements. Finally, some principals to design this class of protocols are suggested, and then a protocol is described as a case of good design. |
| |
| Keywords: | Authentication Key Exchange Trusted Third Party Security Protocol |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
|
