| 一种无证书认证密钥协商协议的分析与改进* |
| |
| 引用本文: | 舒剑.一种无证书认证密钥协商协议的分析与改进*[J].计算机应用研究,2012,29(1):294-296. |
| |
| 作者姓名: | 舒剑 |
| |
| 作者单位: | 江西财经大学电子商务系,南昌330013;电子科技大学计算机科学与工程学院,成都611731 |
| |
| 基金项目: | 国家“863”计划资助项目(2009AA012415) |
| |
| 摘 要: | 研究无证书公钥密码系统中两方认证密钥协商协议问题。对Liu xu的无证书两方认证密钥协商协议进行安全性分析,指出该方案不具有强安全性。该方案不能抵抗密钥泄露伪装攻击和临时私钥泄露攻击。分析了方案不安全的原因,在此基础上提出一个改进的方案来修正Liu xu的方案。因此,设计看似安全的无证书两方认证密钥协商协议并不困难,但要给出协议的安全性证明并不容易。
|
| 关 键 词: | 认证 密钥协商 无证书密码学 强安全性 密钥泄露 |
Analysis and improvement certificateless authenticated key agreement protocol |
| |
| SHU Jian.Analysis and improvement certificateless authenticated key agreement protocol[J].Application Research of Computers,2012,29(1):294-296. |
| |
| Authors: | SHU Jian |
| |
| Affiliation: | (1. Dept.of Electronic Commerce, Jianxi University of Finance & Economics, Nanchang 330013, China; 2. School of Computer Science & Engineering,University of Electronic Science & Technology of China,Chengdu 611731, China) |
| |
| Abstract: | This paper studied two-party authenticated agreement protocol in the certificateless public setting.Analyzed the security of Liu-xu’s certificateless authenticated two-party key agreement protocol,and it was shown that the scheme did not achieve strong security.The scheme was vulnerable to key compromise impersonation attack and leakage of ephemeral secrets attack.The reason why the attack can work was analyzed and proposed an improved scheme to remove the attack.It is not hard to devise certificateless authenticated two-party key agreement protocols that look secure,but making the proofs word is not always so simple. |
| |
| Keywords: | authentication key agreement certificateless cryptography strong security key compromise |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用研究》浏览原始摘要信息 |
|
点击此处可从《计算机应用研究》下载全文 |
