中文

Journal of Applied Sciences ›› 2012, Vol. 30 ›› Issue (1): 67-74.doi: 10.3969/j.issn.0255-8297.2012.01.011

• Communication Engineering • Previous Articles     Next Articles

Robust and Efficient Password-Authenticated Key Agreement Scheme Based on Elliptic Curve Cryptosystem

LIU Tian-hua1, ZHU Hong-feng1, PAN Jeng-shyang2   

  1. 1. Software College, Shenyang Normal University, Shenyang 110034
    2. Department of Electronic Engineering, National Kaohsiung University of Applied Sciences, Taiwan
  • Online:2012-02-09 Published:2012-01-30
  • Supported by:

    Project supported by Liaoning Provincial Natural Science Foundation (No. 20102202, No. 201102201), Foundation of Liaoning
    Educational Committee (No. 2009A665), Liaoning Baiqianwan Talents Program

PDF

1881

Cited

15

Abstract:

Abstract: The paper presents a new password authentication and key-exchange protocol suitable for remote users without verification table and exchanging keys over an untrusted network. The new protocol can resist dictionary attacks by either passive or active network intruders. Against an insider attacker, even weak
password phrases can also be used safely. It also offers perfect forward secrecy, which protects past sessions and passwords against future compromises. Since the user passwords are stored in a form that is not plaintextequivalent to the password itself, an attacker with a smart card cannot use it directly to compromise security and immediately access the host. The proposed protocol is secure, simple, and fast, making it ideal for a wide range of applications in which secure password authentication is required. Compared with the related works, the proposed scheme is more efficient and practical for distributed or portable devices.

Key words:  password-authenticated key exchange (PAKE), dictionary attack,, mutual authentication,, elliptic curve

CLC Number: