| 新型三方口令认证密钥协商协议的安全性分析与改进 |
| |
| 引用本文: | 李丽琳,刘柱文. 新型三方口令认证密钥协商协议的安全性分析与改进[J]. 计算机应用, 2011, 31(8): 2192-2195. DOI: 10.3724/SP.J.1087.2011.02192 |
| |
| 作者姓名: | 李丽琳 刘柱文 |
| |
| 作者单位: | 永州职业技术学院 计算机系,湖南 永州425000 |
| |
| 摘 要: | 口令认证密钥协商(PAKA)是认证密钥协商(AKA)中的重要分支之一。研究了一种新型三方口令认证密钥协商--3REKA的安全性,发现如果参与双方的验证值丢失,将导致严重的中间人攻击,这一攻击的结果是敌手可以与参与者各自建立独立的会话密钥。描述了这一攻击,并对原协议进行了改进,提出了I-3REKA协议。安全性和性能分析表明,所提出的协议以较低的计算量实现了参与双方的安全通信。
|
| 关 键 词: | 信息安全 密钥协商 口令 中间人攻击 |
| 收稿时间: | 2011-02-16 |
| 修稿时间: | 2011-04-11 |
Analysis and improvement on new three-party password-based authenticated key agreement protocol |
| |
| LI Li-lin,LIU Zhu-wen. Analysis and improvement on new three-party password-based authenticated key agreement protocol[J]. Journal of Computer Applications, 2011, 31(8): 2192-2195. DOI: 10.3724/SP.J.1087.2011.02192 |
| |
| Authors: | LI Li-lin LIU Zhu-wen |
| |
| Affiliation: | Computer Department, Yongzhou Vocational Technology College, Yongzhou Hunan 425000, China |
| |
| Abstract: | Password-based Authenticated Key Agreement (PAKA) is an important research point of Authenticated Key Agreement (AKA) protocols. The authors analyzed a new protocol named three-party Round Efficient Key Agreement (3REKA) and found that if the verification values were stolen or lost, the adversary could initiate the man-in-the-middle attack. The result of this attack was serious: the adversary could establish two session keys with two different participants. This attack was described and an improved protocol called Improved 3REKA (I-3REKA) was proposed in this paper. The analysis on the security and performance show that the proposed protocol can realize secure communication with lower computational cost. |
| |
| Keywords: | information security key agreement password man-in-the-middle attack |
| 本文献已被 CNKI 万方数据 等数据库收录! |
| 点击此处可从《计算机应用》浏览原始摘要信息 |
|
点击此处可从《计算机应用》下载全文 |
