检索结果-南通市图书馆

An efficient and practical threshold gateway-oriented password-authenticated key exchange protocol in the standard model

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2017年第7期60卷 130-143页

作者： Fushan WEI Jianfeng MA Ruijie ZHANG Chuangui MA Xuan WANG State key Laboratory of Integrated Service Networks Xidian University State key Laboratory of Mathematical Engineering and Advanced Computing The PLA Information Engineering University Engineering University of CAPF

With the assistance of an authentication server, a gateway-oriented password-authenticated key exchange(GPAKE) protocol can establish a common session key shared between a client and a gateway. Unfortunately, a GPAKE protocol becomes totally insecure if an adversary can compromise the authentication server and steal the passwords of the clients. In order to provide resilience against adversaries who can hack into the authentication server, we propose a threshold GPAKE protocol and then present its security proof in the standard model based on the hardness of the decisional Diffie-Hellman(DDH) problem. In our proposal,the password is shared among n authentication servers and is secure unless the adversary corrupts more than t + 1 servers. Our protocol requires n > 3t servers to work. Compared with existing threshold PAKE protocols,our protocol maintains both stronger security and greater efficiency.

关键词： password key exchange gateway threshold provable security

Efficient and secure three-party authenticated key exchange protocol for mobile environments

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Journal of Zhejiang University-Science C(Computers and Electronics) 2013年第5期14卷 347-355页

作者： Chih-ho CHOU Kuo-yu TSAI Tzong-chen WU Kuo-hui YEH Department of Information Management National Taiwan University of Science and Technology Department of Management Information Systems Hwa Hsia Institute of Technology Department of Information Management National Dong Hwa University

Yang and Chang (2009) proposed a three-party authenticated key exchange protocol for securing communications in mobile-commerce environments. Their protocol reduces computation and communication costs by employing elliptic curve cryptosystems. However, Tan (2010) pointed out that Yang and Chang (2009)'s protocol cannot withstand impersonation and parallel attacks, and further proposed an enhanced protocol to resist these attacks. This paper demonstrates that Tan (2010)'s approach still suffers from impersonation attacks, and presents an efficient and secure three-party authenticated key exchange protocol to overcome shown weaknesses.

关键词： Three-party key exchange Authentication Mobile environments

Cryptanalysis of key exchange Protocol Based on Tensor Ergodic Problem

在线全文

学校读者我要写书评

暂无评论

China Communications 2018年第10期15卷 172-181页

作者： Chunsheng Gu Youyu Gu Peizhong Shi Chunpeng Ge Zhenjun Jing School of Computer Engineering Jiangsu University of Technology State key Laboratory of Information Security Institute of Information Engineering Chinese Academy of Sciences School of Mathematics Hefei University of Technology

Recently, Mao, Zhang, Wu et al. constructed two key exchange(KE) protocols based on tensor ergodic problem(TEP). Although they conjectured that these constructions can potentially resist quantum computing attack, they did not provide a rigorous security proof for their KE protocols. In this paper, applying the properties of ergodic matrix, we first present a polynomial time algorithm to solve the TEP problem using O(n^6) arithmetic operations in the finite field, where n is the security parameter. Then, applying this polynomial time algorithm, we generate a common shared key for two TEP-based KE constructions, respectively. In addition, we also provide a polynomial time algorithm with O(n^6) arithmetic operations that directly recovers the plaintext from a ciphertext for the KE-based encryption scheme. Thus, the TEP-based KE protocols and their corresponding encryption schemes are insecure.

关键词： key exchange KE-based encryption tensor decomposition ergodic matrix

Universally Composable Three Party Password-based key exchange Protocol

在线全文

学校读者我要写书评

暂无评论

China Communications 2009年第3期6卷 150-155页

作者： Deng Miaolei Ma Jianfeng Le Fulong School of Computer Xidian University Xi＇an 710071 China Institute of Science Information Engineering University Zhengzhou 450001 China

Within the framework of universal composability,an appropriate ideal functionality that captures the basic security requirements of three party password-based key exchange was defined. An efficient real-word three party password-based key exchange protocol was also *** protocol securely realizes the ideal functionality with respect to static party *** it provides security guarantees under arbitrary composition with other protocols.

关键词： Diffie-Hellman attack key exchange universally composable protocol security

An enhanced key exchange protocol exhibiting key compromise impersonation attacks resistance in mobile commerce environment

在线全文

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2021年第9期64卷 249-251页

作者： Ting CHEN Xinghua LI Qingfeng CHENG School of Cyber Engineering Xidian University State key Laboratory of Mathematical Engineering and Advanced Computing

Dear editor,Numerous three-party authenticated key exchange(3 PAKE)protocols have been presented, which allow the establishment of a secure session by utilizing a session key shared between two clients with the assistance of a server trusted by both the clients via an unprotected network communication environment. The 3 PAKE protocols can be applied to various scenarios, including mobile commerce environment.

关键词： three-party authentication key exchange key compromise impersonation attack mobile-commerce environments security analysis

同方期刊数据库

CMQV+:An authenticated key exchange protocol from CMQV

在线全文

学校读者我要写书评

暂无评论

Science China(Information Sciences) 2012年第7期55卷 1666-1674页

作者： LI Hui 1,2 & WU ChuanKun 1 1 State key Laboratory of Information Security,Institute of Software,Chinese Academy of Sciences,Beijing 100190,China 2 Graduate University of Chinese Academy of Sciences,Beijing 100049,China State key Laboratory of Information Security Institute of Software Chinese Academy of Sciences Beijing China Graduate University of Chinese Academy of Sciences Beijing China

Ustaoglu presents a secure and efficient key exchange protocol named CMQV,based on the design rationales of HMQV and *** with the latter two protocols,on one hand,CMQV achieves high performance of HMQV,and on the other,it is proven secure in eCK model as NAXOS ***,CMQV enjoys the security proof under gap Diffie-Hellman assumption as indicated by its *** this paper,we propose a variant of CMQV,called CMQV+,which is proven secure under a weaker assumption (*** Diffie-Hellman assumption) in eCK model with random oracles while maintaining the high-performance feature of CMQV as much as possible.

关键词： key exchange eCK model trapdoor-test technique provable security CDH assumption

Simple and Efficient Password-Based Authenticated key exchange Protocol

在线全文

同方期刊数据库

学校读者我要写书评

暂无评论

Journal of Shanghai Jiaotong university(Science) 2011年第4期16卷 459-465页

作者：王立斌潘嘉昕马昌社 School of Computer South China Normal University

Password-based authenticated key exchange(PAKE) protocols are cryptographic primitives which enable two entities,who only share a memorable password,to identify each other and to communicate over a public unreliable network with a secure session *** this paper,we propose a simple,efficient and provably secure PAKE protocol based on Diffie-Hellman key exchange and cryptographic hash *** protocol is secure against dictionary *** security is proved based on the hardness of the computational Diffie-Hellman problem in the random oracle model.

关键词： password authentication key exchange provable security

Modified Harn Authentication key exchange Scheme

在线全文

学校读者我要写书评

暂无评论

The Journal of China Universities of Posts and Telecommunications 2000年第1期7卷 75-77页

作者： LIZi-chen LIZhong-xian 等 InformationSecurityCenter BeijingUniversityofPostsandTelecommunicationsBeijing100876P.R.China Infor

Recently, Harn proposed one digital signature scheme for Diffie-Hellman key exchange system. In this paper, we point out at first that there is a weakness in Harn's system and then we propose two modified schemes to a... 详细信息

关键词： Digital signature key exchange Cryptography

A Security Patch for a Three-Party key exchange Protocol

维普期刊数据库评论

在线全文

维普期刊数据库

学校读者我要写书评

暂无评论

Wuhan University Journal of Natural Sciences 2010年第3期15卷 242-246页

作者： ZHAO Jianjie GU Dawu School of Information Security Engineering Shanghai Jiao Tong University Shanghai 200240 China Department of Computer Science and Engineering Shanghai Jiao Tong University Shanghai 200240 China

The CLC protocol （proposed by Tzung-Her Chen, Wei-Bin Lee and Hsing-Bai Chen, CLC, for short） is a new three-party password-authenticated key exchange （3PAKE） protocol. This CLC protocol provides a superior round efficiency （only three rounds）, and its resources required for computation are relatively few. However, we find that the leakage of values VA and VB in the CLC protocol will make a man-in-the-middle attack feasible in practice, where VA and VB are the authentication information chosen by the server for the participants A and B. In this paper, we describe our attack on the CLC protocol and further present a modified 3PAKE protocol, which is essentially an improved CLC protocol. Our protocol can resist attacks available, including man-in-the-middle attack we mount on the initial CLC protocol. Meanwhile, we allow that the participants choose their own pass- words by themselves, thus avoiding the danger that the server is controlled in the initialization phase. Also, the computational cost of our protocol is lower than that of the CLC protocol.

关键词： information security authentication key exchange man-in-the-middle attack