| 基于椭圆曲线的跨域端到端口令认证密钥协商协议 |
| |
| 引用本文: | 张晓敏.基于椭圆曲线的跨域端到端口令认证密钥协商协议[J].网络安全技术与应用,2012(8):21-24. |
| |
| 作者姓名: | 张晓敏 |
| |
| 作者单位: | 陕西省行政学院,陕西,710068 |
| |
| 摘 要: | 跨域端到端口令认证密钥协商协议(C2C-PAKA)的主要目的是使分布在不同域中持有不同口令的两个客户端可以在各自服务器的协助下实现相互认证并协商出共同的会话密钥。本文中,我们基于椭圆曲线上的离散对数问题,在直接通信架构下给出一个跨域的口令认证的密钥协商协议。该协议中,诚实的服务器是不能获取任何关于会话密钥的值。各参与方之间能够实现相互认证。与同类协议比较,该协议具有较小的通信负担和计算负担,更易于实现。此外,协议还能够抵抗字典攻击、口令泄露模仿攻击和未知会话密钥共享攻击等通用攻击类型,同时能够实现前向安全、无密钥控制和已知会话密钥安全等安全属性。
|
| 关 键 词: | 密钥协商 跨域 口令 字典攻击 |
Cross-realm Client-to-client Password-authenticated Key Agreement Protocol Based on Elliptic Curve Cryptosystem |
| |
| Zhang Xiaomin.Cross-realm Client-to-client Password-authenticated Key Agreement Protocol Based on Elliptic Curve Cryptosystem[J].Net Security Technologies and Application,2012(8):21-24. |
| |
| Authors: | Zhang Xiaomin |
| |
| Affiliation: | Zhang Xiaomin Shanxi Administration School Shanxi 710068.China |
| |
| Abstract: | Cross-realm client-to-client password-authenticated key agreement protocol aims at establishing session key and realizing authentication between clients from different realms with the help of corresponding sewers. In this paper, based on elliptic curve cryptosystem, we proposed a cross-realm password- authenticated key agreement protocol in indirect communication model. The honest but curious servers could not obtain the session key in the protocol. Authentication can be realized among participants. Compared with similar protocols, the protocol need lower communication cost and computation cost. Besides, the protocol could resist dictionary attacks, password compromised impersonation attack and unknown-key share attack: At the same time, forward secrecy, no key control and known session key security can be realized. |
| |
| Keywords: | Key agreement Cross-realm Password Dictionary attack |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
|
