| 新的三方密钥交换协议 |
| |
| 引用本文: | 柳秀梅,周福才,刘广伟,常桂然.新的三方密钥交换协议[J].东北大学学报(自然科学版),2009,30(7). |
| |
| 作者姓名: | 柳秀梅 周福才 刘广伟 常桂然 |
| |
| 作者单位: | 1. 东北大学,计算中心,辽宁,沈阳,110004
2. 东北大学,信息科学与工程学院,辽宁,沈阳,110004 |
| |
| 基金项目: | 国家高技术研究发展计划(863计划),辽宁省自然科学基金,教育部高等学校博士学科点专项科研基金 |
| |
| 摘 要: | 针对基于口令认证机制的密钥交换协议容易遭受口令猜测和服务器假冒等多种攻击的缺点,提出了基于验证值认证机制的新的三方密钥交换协议.新协议中的验证值是基于口令的变换,并代替口令被保存在服务器端.服务器不仅以验证值来认证用户的身份,并且要通过验证值协助用户之间协商出会话密钥.而口令则作为私钥由用户自己保存.对新协议的安全进行分析,表明该协议可以抵御多种攻击,说明协议是安全的,同时对协议的效率评估还表明该协议具有较高的效率.
|
| 关 键 词: | 口令认证 验证值 密钥交换 服务器假冒攻击 口令猜测攻击 |
A New Key Exchange Protocol for Three-parties |
| |
| LIU Xiu-mei,ZHOU Fu-cai,LIU Guang-wei,CHANG Gui-ran.A New Key Exchange Protocol for Three-parties[J].Journal of Northeastern University(Natural Science),2009,30(7). |
| |
| Authors: | LIU Xiu-mei ZHOU Fu-cai LIU Guang-wei CHANG Gui-ran |
| |
| Institution: | LIU Xiu-mei1,ZHOU Fu-cai2,LIU Guang-wei2,CHANG Gui-ran1(1.Computing Center,Northeastern University,Shenyang 110004,China,2.School of Information Science & Engineering,China.) |
| |
| Abstract: | To eliminate the disadvantages that the password-authentication key exchange protocols are vulnerable to password guessing attacks and server compromised impersonation attack,a new verifier-based key exchange protocol for three-parties is proposed.In the new protocol the verifier is based on the change of password instead of storing it in the server.In this way the verifier enables the server not only to authenticate user's identity but assist the users to determine a common session key through negotiation.... |
| |
| Keywords: | password-authentication verifier key exchange server compromised impersonation attack password guessing attack |
| 本文献已被 CNKI 万方数据 等数据库收录! |
|
