基于验证元的三方口令认证密钥交换协议

杨晓燕; 侯孟波; 魏晓超

doi:10.7544/issn1000-1239.2016.20160463

基于验证元的三方口令认证密钥交换协议

(山东大学计算机科学与技术学院济南 250101) (xyyang@sdu.edu.cn)

基金项目: 国家自然科学基金项目(61572294) This work was supported by the National Natural Science Foundation of China (61572294).

详细信息

中图分类号: TP309
计量
- 文章访问数: 1336
- HTML全文浏览量: 0
- PDF下载量: 478
出版历程
- 发布日期: 2016-09-30

Verifier-Based Three-Party Password Authenticated Key Exchange Protocol

(School of Computer Science and Technology, Shandong University, Jinan 250101)

摘要

摘要: 三方口令认证密钥交换协议使2个分别与可信服务器共享不同口令的用户建立起秘密的会话密钥.这类协议的优点是用户只需要记忆一个口令就可以与其他注册用户进行通信，因而三方口令认证密钥交换协议更适用于大规模的端到端通信.现有的大多数三方口令认证密钥交换协议均基于随机谕言模型来实现，只有少数协议不依赖服务器拥有公钥，而且在标准模型下是可证明安全的.另外多数协议中的口令以明文的形式存储在服务器上，服务器信息泄露将对用户和服务器的数据安全带来极大的危害.在标准模型下，使用平滑投影Hash函数设计了一个基于验证元的三方口令认证密钥交换协议，并证明了协议的安全性.此协议满足抵抗服务器泄露、不可检测的在线字典攻击和密钥私密性等安全属性.
- 认证密钥交换 /
- 验证元 /
- 平滑投影Hash函数 /
- 三方口令认证密钥交换 /
- 标准模型
Abstract: Three-party password authenticated key exchange (3PAKE) protocols enable two parties to establish a common session key where each party only shares one password with a trusted server. In the situation of large-scale peer-to-peer communication, a user in two-party PAKE protocols has to remember n passwords if the user has n communication parties. The main advantage of 3PAKE protocols is that each user needs only to store a single password when he wants to communicate any party in the peer-to-peer circumstance. However, the security of the existing 3PAKE protocols is generally provided in the random oracle model, and in these protocols, passwords are stored in cleartext on the server. Only a few of protocols are proven secure in the standard model and do not require a server’s public key. We generally assumed that servers are secure. But once the password file in the server is compromised, the damage will be huge. In this paper, we propose a verifier-based three-party password authenticated key exchange protocol constructed by smooth projective Hash functions(SPHFs). The protocol is proven secure in the standard model. Our protocol satisfies the secure properties such as resilient to server corruption, undetectable on-line dictionary attack and key privacy.
- authenticated key exchange (AKE) /
- verifier /
- smooth projective Hash functions (SPHFs) /
- three-party password authenticated key exchange (3PAKE) /
- standard model

HTML全文

参考文献(0)

施引文献(4)

期刊类型引用(3)

1.	王松，徐雅静，刘新民. 基于Conv-BiLSTM模型的虚拟社区用户生成内容创新价值识别问题研究：交互协同的视角. 数据分析与知识发现. 2023(04): 77-88 . 百度学术
2.	杨小霞，杨建喜，李韧，罗梦婷，蒋仕新，王桂平，杨一帆. 桥梁检测领域知识图谱构建与知识问答方法. 计算机应用. 2022(S1): 28-36 . 百度学术
3.	曹惠茹，成海秀，连松耀，王毅. 面向网络论坛的文本数据获取与存储方法研究. 现代信息科技. 2021(01): 7-12 . 百度学术