新的口令认证密钥协商协议

A New Password-Based Authenticated Key Agreement Protocol

  • 摘要: 针对服务器泄漏攻击,给出了抵抗这种攻击的方法,提出了一个新的基于口令的认证密钥协商协议。在该方案中,用户记住自己的口令,而服务器仅仅存储与口令对应的验证信息。分析结果表明,该方案可以抵抗服务器泄漏攻击、字典攻击和Denning-Sacco攻击等,并且具有前向安全性等性质。

     

    Abstract: Attack, a method of resisting server compromise attack is given and a new password-based authenticated key agreement protocol is proposed. In this protocol, one side (the client) stores a plaintext version of the password, while the other side (the server) only stores a verifier for the password. The analysis of this new protocol shows that the protocol is secure against server compromise attack, dictionary attack,and the Denning-Sacco attack, and provides the property of the perfect forward secrecy.

     

/

返回文章
返回