tailieunhanh - Báo cáo hóa học: " Anonymous gateway-oriented password-based authenticated key exchange based on RSA"

Tuyển tập các báo cáo nghiên cứu về hóa học được đăng trên tạp chí hóa hoc quốc tế đề tài : Anonymous gateway-oriented password-based authenticated key exchange based on RSA | Wei et al. EURASIP Journal on Wireless Communications and Networking 2011 2011 162 http content 2011 1 162 o EURASIP Journal on Wireless Communications and Networking a SpringerOpen Journal RESEARCH Open Access Anonymous gateway-oriented password-based authenticated key exchange based on RSA Fushan Wei Chuangui Ma and Qingfeng Cheng Abstract A gateway-oriented password-based authenticated key exchange GPAKE is a three-party protocol which allows a client and a gateway to establish a common session key with the help of an authentication server. To date most of the published protocols for GPAKE have been based on Diffie-Hellman key exchange. In this article we present the first GPAKE protocol based on RSA then prove its security in the random oracle model under the RSA assumption. Furthermore our protocol can resist both e-residue and undetectable on-line dictionary attacks. Finally we investigate whether or not a GPAKE protocol can achieve both client anonymity and resistance against undetectable on-line dictionary attacks by a malicious gateway. We provide an affirmative answer by adding client anonymity with respect to the server. Preprint submitted to EURASIP JWCN October 16 2011 to our basic protocol. Keywords RSA password-based authentication gateway anonymity random oracle 1. Introduction . Password-based authenticated key exchange Password-based authenticated key exchange PAKE protocols allow users to securely establish a common key over an insecure open network only using a low-entropy and human-memorable password. Owing to the low entropy of passwords PAKE protocols are susceptible to so-called dictionary attacks 1 . Dictionary attacks can be classified into three types 1 on-line off-line and undetectable on-line dictionary attacks. In on-line dictionary attacks an adversary first guesses a password and tries to verify the password using responses from a server in an on-line manner. On-line password guessing attacks can be easily

TÀI LIỆU LIÊN QUAN