Title: | a new client-to-client password-authenticated key agreement protocol |
Author: | Feng Deng-Guo
; Xu Jing
|
Source: | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
|
Conference Name: | 2nd International Workshop on Coding and Cryptology
|
Conference Date: | JUN 01-05,
|
Issued Date: | 2009
|
Conference Place: | Zhangjiajie, PEOPLES R CHINA
|
Keyword: | Password-authenticated key agreement
|
Publisher: | CODING AND CRYPTOLOGY, PROCEEDINGS
|
Publish Place: | HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY
|
Indexed Type: | 其他
|
ISSN: | 0302-9743
|
ISBN: | 978-3-642-01813-8
|
Department: | Feng, Deng-Guo; Xu, Jing Chinese Acad Sci, Inst Software, State Key Lab Informat Secur, Beijing, Peoples R China.
|
Sponsorship: | Natl Univ Defen Technol, China & Nanyang Technol Univ, NUDT
|
English Abstract: | Client-to-clinet password-authenticated key agreement (C2C-PAKA) protocol deals with the authenticated key agreement process between two clients of different realms, who only share their passwords with their own servers. Recently, Byun et al. 13 proposed an efficient C2C-PAKA protocol and carried a claimed proof of security in a formal model of communication and adversarial capabilities. In this paper, we show that the protocol is insecure against password-compromise impersonation attack and the claim of provable security is seriously incorrect. To draw lessons from these results, we revealed fatal flaws in Byun et. al.s security model and their proof of security. Then, we modify formal security model and corresponding security definitions. In addition, a new cross-realm C2C-PAKA protocol is presented with security proof. |
Language: | 英语
|
Content Type: | 会议论文
|
URI: | http://ir.iscas.ac.cn/handle/311060/8358
|
Appears in Collections: | 信息安全国家重点实验室_会议论文
|
File Name/ File Size |
Content Type |
Version |
Access |
License |
|
a new client-to-client password-authenticated key agreement protocol.pdf(261KB) | -- | -- | 限制开放 | -- | 联系获取全文 |
|
Recommended Citation: |
Feng Deng-Guo,Xu Jing. a new client-to-client password-authenticated key agreement protocol[C]. 见:2nd International Workshop on Coding and Cryptology. Zhangjiajie, PEOPLES R CHINA. JUN 01-05,.
|
|
|