一种高效的匿名口令认证密钥交换协议
An Efficient Anonymous Password-based Authenticated Key Exchange Protocol
投稿时间:2017-11-28  修订日期:2017-11-28
DOI:
中文关键词: 密钥交换协议  匿名认证  认证密钥交换协议  口令认证  可证明安全
英文关键词: Key Exchange Protocol  Anonymous Authentication  Authenticated Key Exchange  Password-based Authentication  Provable Security
基金项目:国家自然科学基金项目(面上项目,重点项目,重大项目)
作者单位E-mail
阮鸥 湖北工业大学 ruanou@163.com 
王子豪 湖北工业大学  
张明武 湖北工业大学  
摘要点击次数: 161
全文下载次数: 
中文摘要:
      针对云计算等网络新应用中用户隐私保护问题,提出了基于椭圆曲线CDH假设的匿名口令认证密钥交换 (Anonymous Password-based Authenticated Key Exchange,APAKE)协议,通过它用户既能与服务器建立共享会话密钥,又不会暴露其真实身份信息. 通过系统模型、安全模型定义及严格的形式化证明,验证了新APAKE协议满足正确性、PAKE安全性及用户匿名性. 通过与现有协议对比分析表明:新APAKE协议既能抵抗身份冒充攻击及离线口令猜测攻击,也提供双向认证; 协议效率得到很大提高,客户端及服务器端计算复杂度均有大幅降低.
英文摘要:
      According to the problem of protecting users’ privacy in the new applications of network such as cloud computing, an anonymous password-based authenticated key exchange (APAKE) based on CDH assumption of elliptic curve cryptography is proposed, in which a client can establish a shared session key with the server authentically and anonymously. The system model, security model and formal proofs illustrate that the proposed APAKE protocol satisfies three properties: correctness, PAKE security and user’ privacy. Based on the analyzes with the existing APAKE protocols, it is shown that the protocol is secure against impersonating attack and off-line dictionary attack, and provides mutual authentication; and the new construction is more efficient than others’ APAKE protocols.
View Fulltext   查看/发表评论  下载PDF阅读器
关闭