计算机工程与应用2011,Vol.47Issue(10):101-105,5.DOI:10.3778/j.issn.1002-8331.2011.10.029
两个三方口令密钥交换协议的安全性分析
Seeurity analysis of two password-authenticated key exchange protocol for three-party.
摘要
Abstract
This paper first presents the security analysis of two verifier-based password-authenticated key exchange protocols for three-party and points out that they are both insecure. Thereinto,the LZC protocol can not resist server compromise attack, unknown key-share attack, insider attack and undetectable on-line dictionary attack;the LWZ protocol can not resist unknown key-share attack, insider attack and replay attack. Then, this paper gives an improvement of the LWZ protocol to gain a new protocol-NLWZ protocol. Lastly,under the DDH assumption,the detailed security proof of NLWZ protocol is presented. Compared with previous protocols,NLWZ protocol has lower communication and computation, so it can have higher potential application.关键词
三方密钥交换/基于口令验证/基于验证元/双线性对Key words
key exchange for three-party/password-based authentication/verifier-based/bilinear pairs分类
信息技术与安全科学引用本文复制引用
邓少锋,邓帆,李益发..两个三方口令密钥交换协议的安全性分析[J].计算机工程与应用,2011,47(10):101-105,5.基金项目
国家部委预研基金. ()
