a new client-to-client password-authenticated key agreement protocol
文献类型:会议论文
| 作者 | Feng Deng-Guo ; Xu Jing |
| 出版日期 | 2009 |
| 会议名称 | 2nd International Workshop on Coding and Cryptology |
| 会议日期 | JUN 01-05, |
| 会议地点 | Zhangjiajie, PEOPLES R CHINA |
| 关键词 | Password-authenticated key agreement |
| 页码 | 63-76 |
| 英文摘要 | Client-to-clinet password-authenticated key agreement (C2C-PAKA) protocol deals with the authenticated key agreement process between two clients of different realms, who only share their passwords with their own servers. Recently, Byun et al. 13 proposed an efficient C2C-PAKA protocol and carried a claimed proof of security in a formal model of communication and adversarial capabilities. In this paper, we show that the protocol is insecure against password-compromise impersonation attack and the claim of provable security is seriously incorrect. To draw lessons from these results, we revealed fatal flaws in Byun et. al.s security model and their proof of security. Then, we modify formal security model and corresponding security definitions. In addition, a new cross-realm C2C-PAKA protocol is presented with security proof. |
| 收录类别 | 其他 |
| 会议主办者 | Natl Univ Defen Technol, China & Nanyang Technol Univ, NUDT |
| 会议录 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
 |
| 会议录出版者 | CODING AND CRYPTOLOGY, PROCEEDINGS |
| 会议录出版地 | HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY |
| 语种 | 英语 |
| ISSN号 | 0302-9743 |
| ISBN号 | 978-3-642-01813-8 |
| 源URL | [http://124.16.136.157/handle/311060/8358]  |
| 专题 | 软件研究所_信息安全国家重点实验室_会议论文 |
| 推荐引用方式 GB/T 7714 | Feng Deng-Guo,Xu Jing. a new client-to-client password-authenticated key agreement protocol[C]. 见:2nd International Workshop on Coding and Cryptology. Zhangjiajie, PEOPLES R CHINA. JUN 01-05,. |
入库方式: OAI收割
来源:软件研究所
浏览0
下载0
收藏0
其他版本
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。