| 一个具有完备前向安全性的基于口令认证密钥协商方案 |
| |
| 引用本文: | 郝卓,俞能海.一个具有完备前向安全性的基于口令认证密钥协商方案[J].中国科学技术大学学报,2011,41(7). |
| |
| 作者姓名: | 郝卓 俞能海 |
| |
| 作者单位: | 中国科学技术大学电子工程与信息科学系,安徽合肥,230027 |
| |
| 基金项目: | 国家科技重大专项(2010ZX03004-003)资助 |
| |
| 摘 要: | 在基于网络的分布式环境中,基于口令的认证密钥协商方案是一项基本的安全防护机制.对一个已有的基于口令的认证密钥协商方案Chen T H,Hsiang H C,Shih W K.Securityenhancement on an improvement on two remote user authentication schemes using smart cards.Future Generation Computer Systems,2011,27(4):337-380]做了安全分析,指出其易受离线口令猜测攻击,并且不具备完备的前向安全性.在此基础上,提出了一个安全性增强的远程口令认证密钥协商方案.所提出的方案继承了已有方案的优良性质,能够抵抗离线口令猜测攻击,并且具有完备的前向安全性.经过安全分析,论证了所提出的方案具有强安全性,适合于在分布式环境中对用户和服务器提供双向认证和密钥协商.
|
| 关 键 词: | 认证密钥协商 口令认证 完备前向安全性 离线口令猜测攻击 |
A password-authenticated key agreement scheme with perfect forward secrecy |
| |
| HAO Zhuo,YU Nenghai.A password-authenticated key agreement scheme with perfect forward secrecy[J].Journal of University of Science and Technology of China,2011,41(7). |
| |
| Authors: | HAO Zhuo YU Nenghai |
| |
| Institution: | HAO Zhuo,YU Nenghai (Department of Electronic Engineering and Information Science,University of Science and Technology of China,Hefei 230027,China) |
| |
| Abstract: | In a distributed network environment,password-authenticated key agreement schemes are fundamental security mechanisms.A security analysis of Chen et al.'s scheme Chen T H,Hsiang H C,Shih W K.Security enhancement on an improvement on two remote user authentication schemes using smart cards.Future Generation Computer Systems,2011,27(4): 337-380] was presented.It was found that Chen et al.'s scheme cannot resist offline password guessing attacks,and does not have perfect forward secrecy.A security enhanced pa... |
| |
| Keywords: | authenticated key agreement password authentication perfect forward secrecy offline password guessing attack |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
