ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2016, Vol. 53 ›› Issue (10): 2230-2238.doi: 10.7544/issn1000-1239.2016.20160463

所属专题: 2016网络空间共享安全研究进展专题

• 信息安全 • 上一篇    下一篇



  1. (山东大学计算机科学与技术学院 济南 250101) (
  • 出版日期: 2016-10-01
  • 基金资助: 
    国家自然科学基金项目(61572294) This work was supported by the National Natural Science Foundation of China (61572294).

Verifier-Based Three-Party Password Authenticated Key Exchange Protocol

Yang Xiaoyan, Hou Mengbo, Wei Xiaochao   

  1. (School of Computer Science and Technology, Shandong University, Jinan 250101)
  • Online: 2016-10-01

摘要: 三方口令认证密钥交换协议使2个分别与可信服务器共享不同口令的用户建立起秘密的会话密钥.这类协议的优点是用户只需要记忆一个口令就可以与其他注册用户进行通信,因而三方口令认证密钥交换协议更适用于大规模的端到端通信.现有的大多数三方口令认证密钥交换协议均基于随机谕言模型来实现,只有少数协议不依赖服务器拥有公钥,而且在标准模型下是可证明安全的.另外多数协议中的口令以明文的形式存储在服务器上,服务器信息泄露将对用户和服务器的数据安全带来极大的危害.在标准模型下,使用平滑投影Hash函数设计了一个基于验证元的三方口令认证密钥交换协议,并证明了协议的安全性.此协议满足抵抗服务器泄露、不可检测的在线字典攻击和密钥私密性等安全属性.

关键词: 认证密钥交换, 验证元, 平滑投影Hash函数, 三方口令认证密钥交换, 标准模型

Abstract: Three-party password authenticated key exchange (3PAKE) protocols enable two parties to establish a common session key where each party only shares one password with a trusted server. In the situation of large-scale peer-to-peer communication, a user in two-party PAKE protocols has to remember n passwords if the user has n communication parties. The main advantage of 3PAKE protocols is that each user needs only to store a single password when he wants to communicate any party in the peer-to-peer circumstance. However, the security of the existing 3PAKE protocols is generally provided in the random oracle model, and in these protocols, passwords are stored in cleartext on the server. Only a few of protocols are proven secure in the standard model and do not require a server’s public key. We generally assumed that servers are secure. But once the password file in the server is compromised, the damage will be huge. In this paper, we propose a verifier-based three-party password authenticated key exchange protocol constructed by smooth projective Hash functions(SPHFs). The protocol is proven secure in the standard model. Our protocol satisfies the secure properties such as resilient to server corruption, undetectable on-line dictionary attack and key privacy.

Key words: authenticated key exchange (AKE), verifier, smooth projective Hash functions (SPHFs), three-party password authenticated key exchange (3PAKE), standard model