计算机应用 ›› 2011, Vol. 31 ›› Issue (08): 2192-2195.DOI: 10.3724/SP.J.1087.2011.02192

• 信息安全 • 上一篇    下一篇

新型三方口令认证密钥协商协议的安全性分析与改进

李丽琳,刘柱文   

  1. 永州职业技术学院 计算机系,湖南 永州425000
  • 收稿日期:2011-02-16 修回日期:2011-04-11 发布日期:2011-08-01 出版日期:2011-08-01
  • 通讯作者: 李丽琳
  • 作者简介:李丽琳(1975-),女,湖南永州人,讲师,主要研究方向:密码学、计算机安全、计算机软件;刘柱文(1973-),男,湖南永州人,副教授,主要研究方向:密码学、计算机安全。

Analysis and improvement on new three-party password-based authenticated key agreement protocol

Li-lin LI,Zhu-wen LIU   

  1. Computer Department, Yongzhou Vocational Technology College, Yongzhou Hunan 425000, China
  • Received:2011-02-16 Revised:2011-04-11 Online:2011-08-01 Published:2011-08-01
  • Contact: Li-lin LI

摘要: 口令认证密钥协商(PAKA)是认证密钥协商(AKA)中的重要分支之一。研究了一种新型三方口令认证密钥协商——3REKA的安全性,发现如果参与双方的验证值丢失,将导致严重的中间人攻击,这一攻击的结果是敌手可以与参与者各自建立独立的会话密钥。描述了这一攻击,并对原协议进行了改进,提出了I-3REKA协议。安全性和性能分析表明,所提出的协议以较低的计算量实现了参与双方的安全通信。

关键词: 信息安全, 密钥协商, 口令, 中间人攻击

Abstract: Password-based Authenticated Key Agreement (PAKA) is an important research point of Authenticated Key Agreement (AKA) protocols. The authors analyzed a new protocol named three-party Round Efficient Key Agreement (3REKA) and found that if the verification values were stolen or lost, the adversary could initiate the man-in-the-middle attack. The result of this attack was serious: the adversary could establish two session keys with two different participants. This attack was described and an improved protocol called Improved 3REKA (I-3REKA) was proposed in this paper. The analysis on the security and performance show that the proposed protocol can realize secure communication with lower computational cost.

Key words: information security, key agreement, password, man-in-the-middle attack

中图分类号: