Journal of University of Science and Technology of China ›› 2011, Vol. 41 ›› Issue (7): 589-593.DOI: 10.3969/j.issn.0253-2778.2011.07.004
Previous Articles Next Articles
HAO Zhuo
Received:
Revised:
Online:
Published:
Abstract: In a distributed network environment, password-authenticated key agreement schemes are fundamental security mechanisms. A security analysis of Chen et al.s scheme [Chen T H, Hsiang H C, Shih W K. Security enhancement on an improvement on two remote user authentication schemes using smart cards. Future Generation Computer Systems, 2011, 27(4): 337-380] was presented. It was found that Chen et al.s scheme cannot resist offline password guessing attacks, and does not have perfect forward secrecy. A security enhanced password-authenticated key agreement scheme was thus proposed. The proposed scheme maintains the good properties of Chen et al.s scheme, is resistant to offline password guessing attack and provides perfect forward secrecy. A security analysis of the proposed scheme demonstrated that it is capable of strong security. It is suitable for providing mutual authentication and key agreement between the user and the server in a distributed environment.
Key words: authenticated key agreement, password authentication, perfect forward secrecy, offline password guessing attack
HAO Zhuo, YU Nenghai. A password-authenticated key agreement scheme with perfect forward secrecy[J]. Journal of University of Science and Technology of China, 2011, 41(7): 589-593.
0 / / Recommend
Add to citation manager EndNote|Ris|BibTeX
URL: http://just-cn.ustc.edu.cn/EN/10.3969/j.issn.0253-2778.2011.07.004
http://just-cn.ustc.edu.cn/EN/Y2011/V41/I7/589
