共查询到18条相似文献,搜索用时 46 毫秒
1.
Diffie-Hellman密钥交换是一个可以使通信双方在不可信信道上建立共享密钥,并使之应用于后继对称密钥通信系统的一种密码协议。本原根是实现Diffie-Hellman密钥交换协议的一个核心参数,直接影响协议本身的安全性。对于大素数,确定其本原根是一个复杂的过程,如果根据定义来检测本原根,会因为运算开销太大而影响保密通信性能。本文阐述并证明了一个能够快速确定本原根的算法,给出了流程设计和基于JAVA的程序实现。 相似文献
2.
3.
4.
一个前向安全的基于口令认证的三方密钥交换协议 总被引:1,自引:0,他引:1
目前,文献中提出的基于口令认证的密钥交换协议,很多都是针对两方的情形设计的,即通信双方为客户与服务器,它们通过一个预先共享的口令来进行认证的密钥交换.随着现代通信环境的快速变化,需要能为任意客户间构建一个端到端的安全信道,这种应用的情形与那些文献中所考虑的有很大区别.针对这种情形,文中提出了一个可证前向安全的基于口令认证的三方密钥交换协议,使通信双方在认证服务器的帮助下能相互进行认证并建立一个会话密钥.与前人提出的基于口令认证的三方密钥交换协议相比,该协议在计算代价和通信代价上都较有效,因而更适用于资源受限的环境.此协议的安全性是在口令型的选择基Gap Diffie-Hellman问题难解的假设前提下在随机谕示模型下证明的. 相似文献
5.
6.
《计算机应用与软件》2013,(4)
通过对现有的一个三方密钥交换协议进行安全性分析,指出其存在的安全隐患,并以此为基础提出一个具有完善双向认证机制的三方密钥交换协议。该协议基于计算性Diffie-Hellman问题的难解性,只需三轮就能使通信双方协商好会话密钥,与现有的大多数协议相比具有较高的计算效率,并通过安全性分析证明它是安全的。 相似文献
7.
基于不同口令认证的跨域组密钥协议 总被引:1,自引:0,他引:1
近年来关于基于口令认证的密钥交换协议(PAKE)进行了广泛的研究,基于口令认证的组密钥交换协议已成为安全协议研究的焦点问题.Byun等人也先后提出了基于不同口令认证的跨域环境下端到端的两个客户之间的PAKE(C2C-PAKE)密钥交换协议.然而在实际应用中,往往还需要在多个客户或客户组之间建立安全的通信信道.因此,提出了基于不同口令认证的跨域组间密钥交换协议,该协议将Zhiguo Wan等人所提出的nPAKE+协议扩展到了两个域,实现了两个域中的客户组在域服务器的协助下,建立域间共享的组会话密钥的过程,并给出了安全分析和执行效率的代价分析. 相似文献
8.
Diffie-Hellman(D-H)算法可以实现密码系统的密钥交换,其安全性依赖于计算离散对数的难度,并且Diffie-Hellman密钥交换协议能够提供前向保密性。文中通过分析Diffie-Hellman密钥交换协议,给出了一个可以应用于任何非对称密码体制的具有前向保密的密码协议。 相似文献
9.
为了使格上Diffie-Hellman式密钥交换协议能够实现认证性并且适用于客户-服务器-客户模式的大规模通信,提出了一个基于环上误差学习RLWE的双因子三方认证密钥交换协议。该协议将口令和生物特征作为客户的长期密钥,实现服务器对客户的显式身份认证。首先利用环上误差学习的困难问题的优势(密钥及密文尺寸短、运行效率高)来构造密码体制;其次服务器通过口令和生物特征的哈希值传递环元素,并结合丁式错误协调机制使得通信方获得随机均匀的会话密钥。最后分析表明,该协议适用于大规模通信,提高了通信量,具有更高的安全属性,可以抵抗口令泄露用户假冒攻击。 相似文献
10.
网关口令认证密钥交换协议允许用户和网关在服务器的协助下建立起一个共享的会话密钥,其中用户和服务器之间的认证通过低熵的口令来完成.已有的网关口令认证密钥交换协议对用户的匿名性研究不足.该文基于Diffie-Hellman密钥交换提出了具有强匿名性的网关口令认证密钥交换协议,并且在随机预言模型下基于标准的DDH假设证明了协议的安全性.新协议可以抵抗不可检测在线字典攻击并且计算效率高,安全性和计算效率都优于已有的同类协议. 相似文献
11.
Hong Lai Mehmet A. Orgun Jinghua Xiao Liyin Xue 《Quantum Information Processing》2014,13(7):1523-1535
We propose two fault-tolerant high-capacity quantum key distribution schemes, in which an entangled pair over a collective-noise channel consisting of one logical qubit and one physical qubit can carry four bits of key information. The basic idea is to use 2-extended unitary operations from collective noises together with quantum dense coding. The key messages are encoded on logical qubits of two physical qubits with sixteen 2-extended unitary operations based on collective noises. The key can be recovered using Bell-state analysis on the logical qubit and a single-photon measurement on the physical qubit rather than three-qubit GHZ joint measurements. The proposed protocols require a collation table to be shared between Alice and Bob in advance. Consequently, the key messages carried by an entangled state, in our protocol, have doubled at the price of sharing the collation table between Alice and Bob. However, the efficiency of qubits is enhanced because a quantum bit is more expensive to prepare than a classical bit. 相似文献
12.
Recently, Yang et al. (Quantum Inf Process 12(1):109, 2013) proposed an enhanced quantum blind signature based on two-taste vector formalism. The protocol can prevent signatory Bob from deriving Alice’s message with invisible photon eavesdropping attack or fake photon attack. In this paper, we show that the enhanced protocol also has a loophole that Alice can utilize an entanglement swapping attack to obtain Bob’s secret key and forge Bob’s valid signature at will later. Then, we reanalyze two existing protocols and try to find some further methods to fix them. 相似文献
13.
We introduce a new cryptographic primitive, called proxy re-encryption with keyword search, which is motivated by the following scenario in email systems: Charlie sends an encrypted email, which contains some keywords, such as “urgent”, to Alice under Alice’s public key, and Alice delegates her decryption rights to Bob via her mail server. The desired situations are: (1) Bob can decrypt mails delegated from Alice by using only his private key, (2) Bob’s mail gateway, with a trapdoor from Bob, can test whether the email delegated from Alice contains some keywords, such as “urgent”, (3) Alice and Bob do not wish to give the mail server or mail gateway the access to the content of emails.The function of proxy re-encryption with keyword search (PRES) is the combination of proxy re-encryption (PRE) and public key encryption with keyword search (PEKS). However, a PRES scheme cannot be obtained by directly combining those two schemes, since the resulting scheme is no longer proven secure in our security model. In this paper, a concrete construction is proposed, which is proven secure in the random oracle model, based on the modified Decisional Bilinear Diffie-Hellman assumption. 相似文献
14.
Valery Korzhik Guillermo Morales-Luna 《International Journal of Information Security》2003,1(4):203-210
We consider a cryptographic scenario where some center broadcasts a random binary string to Alice, Bob and Eve over binary symmetric channels with bit error probabilities e A, e B and e E respectively. Alice and Bob share no secret key initially, and their goal is to generate, after public discussion, a common information-theoretically secure key facing an active eavesdropper Eve. Under the condition e AE and e BE, code authentication (CA) can be used as part of a public discussion protocol to solve this problem. This authentication exploits parts of substrings received by Alice and Bob from the broadcasting center as authenticators to messages transmitted in a public discussion. Unfortunately, it happens to be ineffective because it produces a key of small length. We propose a hybrid authentication (HA) that combines both keyless code authentication and key authentication based on an almost strong universal class of hash functions. We prove a theorem that allows estimation of the performance evaluation of hybrid authentication. The selection algorithm for the main HA parameters, given security and reliability thresholds, is presented in detail. 相似文献
15.
Thomas B. Bahder 《Quantum Information Processing》2016,15(3):1069-1080
A simple protocol is described for transferring spatial orientation from Alice to Bob (two spatially separated observers). The two observers are assumed to share quantum singlet states and classical communication. The protocol assumes that Alice and Bob have complete free will (measurement independence) and is based on maximizing the Shannon mutual information between Alice and Bob’s measurement outcomes. Repeated use of this protocol for each spatial axis of Alice allows transfer of a complete three-dimensional reference frame, up to inversion of each of the axes. The technological complexity of this protocol is similar to that needed for BB84 quantum key distribution and hence is much simpler to implement than recently proposed schemes for transmission of reference frames. A second protocol based on a Bayesian formalism is also discussed. 相似文献
16.
17.
Anindita Banerjee Chitra Shukla Kishore Thapliyal Anirban Pathak Prasanta K. Panigrahi 《Quantum Information Processing》2017,16(2):49
A notion of asymmetric quantum dialogue (AQD) is introduced. Conventional protocols of quantum dialogue are essentially symmetric as the users (Alice and Bob) can encode the same amount of classical information. In contrast, the proposed scheme for AQD provides different amount of communication powers to Alice and Bob. The proposed scheme offers an architecture, where the entangled state to be used and the encoding scheme to be shared between Alice and Bob depend on the amount of classical information they want to exchange with each other. The general structure for the AQD scheme has been obtained using a group theoretic structure of the operators introduced in Shukla et al. (Phys Lett A 377:518, 2013). The effect of different types of noises (e.g., amplitude damping and phase damping noise) on the proposed scheme is investigated, and it is shown that the proposed scheme for AQD is robust and it uses an optimized amount of quantum resources. 相似文献