应用科学学报
應用科學學報
응용과학학보
JOURNAL OF APPLIED SCIENCES
2012年
1期
67-74
,共8页
口令认证密钥交换%字典攻击%交互认证%椭圆曲线
口令認證密鑰交換%字典攻擊%交互認證%橢圓麯線
구령인증밀약교환%자전공격%교호인증%타원곡선
password-authenticated key exchange (PAKE)%dictionary attack,mutual authentication%elliptic curve
提出一个适合远程用户的口令认证和密钥交换协议,该协议在不信任网络中运行,无需认证表和交换密钥.新的协议可抵抗被动或主动入侵,甚至内部攻击者的字典攻击,即使弱的口令也可以安全地使用.协议还满足完备的前向安全性,在当前口令泄露后不影响以前会话的安全性.在所提协议中,用户口令并不是以明文的形式储存,因此当攻击者获取智能卡后,并不能直接登录到主机.文中协议高效且安全,可广泛应用于需要口令认证的环境.同以往工作相比,所提协议对分布式或便携式设备更加有效.
提齣一箇適閤遠程用戶的口令認證和密鑰交換協議,該協議在不信任網絡中運行,無需認證錶和交換密鑰.新的協議可牴抗被動或主動入侵,甚至內部攻擊者的字典攻擊,即使弱的口令也可以安全地使用.協議還滿足完備的前嚮安全性,在噹前口令洩露後不影響以前會話的安全性.在所提協議中,用戶口令併不是以明文的形式儲存,因此噹攻擊者穫取智能卡後,併不能直接登錄到主機.文中協議高效且安全,可廣汎應用于需要口令認證的環境.同以往工作相比,所提協議對分佈式或便攜式設備更加有效.
제출일개괄합원정용호적구령인증화밀약교환협의,해협의재불신임망락중운행,무수인증표화교환밀약.신적협의가저항피동혹주동입침,심지내부공격자적자전공격,즉사약적구령야가이안전지사용.협의환만족완비적전향안전성,재당전구령설로후불영향이전회화적안전성.재소제협의중,용호구령병불시이명문적형식저존,인차당공격자획취지능잡후,병불능직접등록도주궤.문중협의고효차안전,가엄범응용우수요구령인증적배경.동이왕공작상비,소제협의대분포식혹편휴식설비경가유효.
The paper presents a new password authentication and key-exchange protocol suitable for remote users without verification table and exchanging keys over an untrusted network.The new protocol can resist dictionary attacks by either passive or active network intruders. Against an insider attacker,even weak password phrases can also be used safely.It also offers perfect forward secrecy,which protects past sessions and passwords against future compromises.Since the user passwords are stored in a form that is not plaintextequivalent to the password itself,an attacker with a smart card cannot use it directly to compromise security and immediately access the host.The proposed protocol is secure,simple,and fast,making it ideal for a wide range of applications in which secure password authentication is required.Compared with the related works,the proposed scheme is more efficient and practical for distributed or portable devices.