An efficient client-client password-based authentication scheme with provable security

Mohammad Sabzinejad Farash; Mahmoud Ahmadian Attari

首页> 外文期刊>Journal of supercomputing >An efficient client-client password-based authentication scheme with provable security

【24h】

An efficient client-client password-based authentication scheme with provable security

机译：高效的基于客户端-客户端密码的身份验证方案，具有可证明的安全性

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

Recently, Tso proposed a three-party password-based authenticated key exchange (3PAKE) protocol. This protocol allows two clients to authenticate each other and establish a secure session key through a server over an insecure channel. The main security goals of such protocols are authentication and privacy. However, we show that Tso's protocol achieves neither authentication goal nor privacy goal. In this paper, we indicate that the privacy and authentication goals of Tso's protocol will be broken by off-line password guessing attack and impersonation attack, respectively. To overcome the weaknesses, we propose an improved 3PAKE protocol to achieve more security and performance than related protocols. The security of the proposed improved protocol is proved in random oracle model.

机译：最近，Tso提出了一种基于三方密码的认证密钥交换（3PAKE）协议。该协议允许两个客户端进行身份验证，并通过服务器在不安全的通道上建立安全的会话密钥。这种协议的主要安全目标是身份验证和隐私。但是，我们证明了Tso的协议既没有达到认证目标，也没有达到隐私目标。在本文中，我们指出，离线密码猜测攻击和模拟攻击将分别破坏Tso协议的隐私和身份验证目标。为了克服这些弱点，我们提出了一种改进的3PAKE协议，以实现比相关协议更高的安全性和性能。在随机预言机模型中证明了该改进协议的安全性。

著录项

来源
《Journal of supercomputing》 |2014年第2期|1002-1022|共21页
作者
Mohammad Sabzinejad Farash; Mahmoud Ahmadian Attari;
展开▼
作者单位

Faculty of Mathematical Sciences and Computer, Kharazmi University, Tehran, Iran;

Faculty of Electrical and Computer Engineering, K.N. Toosi University of Technology, Tehran, Iran;

展开▼
收录信息美国《科学引文索引》(SCI);美国《工程索引》(EI);
原文格式 PDF
正文语种 eng
中图分类
关键词
Password-based authentication; Key exchange protocol; Off-line password guessing attack; Impersonation attack; Random oracle model;

机译：基于密码的身份验证;密钥交换协议;离线密码猜测攻击;冒充他人攻击;随机预言模型;

相似文献

外文文献
中文文献
专利

1. An Efficient Password-Based Authenticated Key Exchange Protocol with Provable Security for Mobile Client-Client Networks [J] . Heydari Mohammad, Sadough S. Mohammad Sajad, Farash Mohammad Sabzinejad, Wireless personal communications: An Internaional Journal . 2016,第2期

机译：针对移动客户端-客户端网络的有效的，基于密码的，经过身份验证的密钥交换协议，具有可证明的安全性
2. A provably secure password-based anonymous authentication scheme for wireless body area networks [J] . Fushan Wei, P. Vijayakumar, Jian Shen, Computers and Electrical Engineering . 2018,第期

机译：用于无线体积网络网络的可透明基于安全的密码的匿名认证方案
3. Efficient provably secure password-based explicit authenticated key agreement [J] . Ruan Ou, Kumar Neeraj, He Debiao, Pervasive and Mobile Computing . 2015,第Null期

机译：高效，可验证的基于密码的显式身份验证密钥协议
4. An Efficient Provably Secure Password-Based Authenticated Key Agreement [C] . Hanqiu Xu, Qingping Wang, Jing Zhou, International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing . 2017

机译：一种高效的基于安全的密码经过认证的密钥协议
5. An access control scheme for partially ordered set hierarchy with provable security. [D] . Wu, Jiang. 2005

机译：具有可证明安全性的部分有序集层次结构的访问控制方案。
6. An Efficient User Authentication and User Anonymity Scheme with Provably Security for IoT-Based Medical Care System [O] . Chun-Ta Li, Tsu-Yang Wu, Chin-Ling Chen, 2017

机译：基于物联网的医疗系统的有效用户身份验证和用户匿名方案具有可证明的安全性
7. On the security of a provably secure, efficient, and flexible authentication scheme for ad hoc wireless sensor networks [O] . Jun He, Zheng Yang, Jianxun Zhang, 2018

机译：关于Ad Hoc无线传感器网络的可证实安全，高效和灵活的认证方案的安全性

An efficient client-client password-based authentication scheme with provable security

摘要

著录项

相似文献

相关主题

期刊订阅