English

应用科学学报 ›› 2012, Vol. 30 ›› Issue (1): 67-74.doi: 10.3969/j.issn.0255-8297.2012.01.011

• 通信工程 • 上一篇    下一篇

基于椭圆曲线的强壮高效口令认证密钥协商方案

刘天华1, 朱宏峰1, 潘正祥2   

  1. 1. 沈阳师范大学软件学院, 沈阳110034
    2. 高雄应用科技大学电子工程系, 台湾
  • 出版日期:2012-02-09 发布日期:2012-01-30
  • 作者简介:Corresponding author PAN Jeng-shyang, professor, research interests including soft computing, information security and signal processing, E-mail: jspan@cc.kuas.edu.tw

Robust and Efficient Password-Authenticated Key Agreement Scheme Based on Elliptic Curve Cryptosystem

LIU Tian-hua1, ZHU Hong-feng1, PAN Jeng-shyang2   

  1. 1. Software College, Shenyang Normal University, Shenyang 110034
    2. Department of Electronic Engineering, National Kaohsiung University of Applied Sciences, Taiwan
  • Online:2012-02-09 Published:2012-01-30
  • Supported by:

    Project supported by Liaoning Provincial Natural Science Foundation (No. 20102202, No. 201102201), Foundation of Liaoning
    Educational Committee (No. 2009A665), Liaoning Baiqianwan Talents Program

PDF

1831

被引次数

1

摘要:

提出一个适合远程用户的口令认证和密钥交换协议,该协议在不信任网络中运行,无需认证表和交换密钥. 新的协议可抵抗被动或主动入侵,甚至内部攻击者的字典攻击,即使弱的口令也可以安全地使用. 协议还满足完备的前向安全性,在当前口令泄露后不影响以前会话的安全性. 在所提协议中,用户口令并不是以明文的形式储
存,因此当攻击者获取智能卡后,并不能直接登录到主机. 文中协议高效且安全,可广泛应用于需要口令认证的环境. 同以往工作相比,所提协议对分布式或便携式设备更加有效.

关键词: 口令认证密钥交换, 字典攻击, 交互认证, 椭圆曲线

Abstract:

Abstract: The paper presents a new password authentication and key-exchange protocol suitable for remote users without verification table and exchanging keys over an untrusted network. The new protocol can resist dictionary attacks by either passive or active network intruders. Against an insider attacker, even weak
password phrases can also be used safely. It also offers perfect forward secrecy, which protects past sessions and passwords against future compromises. Since the user passwords are stored in a form that is not plaintextequivalent to the password itself, an attacker with a smart card cannot use it directly to compromise security and immediately access the host. The proposed protocol is secure, simple, and fast, making it ideal for a wide range of applications in which secure password authentication is required. Compared with the related works, the proposed scheme is more efficient and practical for distributed or portable devices.

Key words:  password-authenticated key exchange (PAKE), dictionary attack,, mutual authentication,, elliptic curve

中图分类号: