改进的客户端到客户端密码认证密钥交换协议

The Second International Conference on Availability, Reliability and Security (ARES'07) Pub Date : 2007-04-10 DOI:10.1109/ARES.2007.99

Yao Gang, Feng Dengguo, Han Xiaoxi

{"title":"改进的客户端到客户端密码认证密钥交换协议","authors":"Yao Gang, Feng Dengguo, Han Xiaoxi","doi":"10.1109/ARES.2007.99","DOIUrl":null,"url":null,"abstract":"Password-authenticated key exchange protocols allow two entities who only share a human-memorable password to authenticate each other and agree on a large session key. Most password authenticated key exchange protocols provide an authenticated key exchange between a client and a server based on a pre-shared password. With the development of modern communication environments, it is necessary to design a secure authenticated key exchange between clients. In ICICS'02, Byun et al. presented a client to client password-authenticated key exchange protocol in a cross-realm setting. But the protocol is vulnerable to some attacks by an insider adversary or outsider adversary. In this paper, we present an improved protocol to solve the problem, and prove the improved protocol is secure against all types of attacks considered in the paper","PeriodicalId":383015,"journal":{"name":"The Second International Conference on Availability, Reliability and Security (ARES'07)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-04-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Improved Client-to-Client Password-Authenticated Key Exchange Protocol\",\"authors\":\"Yao Gang, Feng Dengguo, Han Xiaoxi\",\"doi\":\"10.1109/ARES.2007.99\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Password-authenticated key exchange protocols allow two entities who only share a human-memorable password to authenticate each other and agree on a large session key. Most password authenticated key exchange protocols provide an authenticated key exchange between a client and a server based on a pre-shared password. With the development of modern communication environments, it is necessary to design a secure authenticated key exchange between clients. In ICICS'02, Byun et al. presented a client to client password-authenticated key exchange protocol in a cross-realm setting. But the protocol is vulnerable to some attacks by an insider adversary or outsider adversary. In this paper, we present an improved protocol to solve the problem, and prove the improved protocol is secure against all types of attacks considered in the paper\",\"PeriodicalId\":383015,\"journal\":{\"name\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"volume\":\"16 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-04-10\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"The Second International Conference on Availability, Reliability and Security (ARES'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ARES.2007.99\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"The Second International Conference on Availability, Reliability and Security (ARES'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ARES.2007.99","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

密码认证密钥交换协议允许两个只共享人类可记住的密码的实体相互验证并就一个大的会话密钥达成一致。大多数密码身份验证密钥交换协议都基于预共享密码在客户机和服务器之间提供身份验证密钥交换。随着现代通信环境的发展，有必要设计一种安全的客户端认证密钥交换机制。在ICICS'02中，byn等人提出了跨领域设置中的客户机到客户机密码认证密钥交换协议。但是该协议很容易受到内部对手或外部对手的攻击。在本文中，我们提出了一个改进的协议来解决这个问题，并证明了改进的协议对本文所考虑的所有类型的攻击都是安全的

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Improved Client-to-Client Password-Authenticated Key Exchange Protocol

Password-authenticated key exchange protocols allow two entities who only share a human-memorable password to authenticate each other and agree on a large session key. Most password authenticated key exchange protocols provide an authenticated key exchange between a client and a server based on a pre-shared password. With the development of modern communication environments, it is necessary to design a secure authenticated key exchange between clients. In ICICS'02, Byun et al. presented a client to client password-authenticated key exchange protocol in a cross-realm setting. But the protocol is vulnerable to some attacks by an insider adversary or outsider adversary. In this paper, we present an improved protocol to solve the problem, and prove the improved protocol is secure against all types of attacks considered in the paper

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

The Second International Conference on Availability, Reliability and Security (ARES'07)

自引率

0.00%

发文量