计算机工程与应用 ›› 2012, Vol. 48 ›› Issue (3): 21-23.

• 博士论坛 • 上一篇    下一篇

一种无证书两方密钥协商方案的分析与改进

舒 剑   

  1. 1.江西财经大学 电子商务系,南昌 330013
    2.电子科技大学 计算机科学与工程学院,成都 611731
  • 收稿日期:1900-01-01 修回日期:1900-01-01 出版日期:2012-01-21 发布日期:2012-01-21

Analysis and improvement of certificateless two-party key agreement scheme

SHU Jian   

  1. 1.Department of E-Commerce, Jiangxi University of Finance and Economics, Nanchang 330013, China
    2.School of Computer Science and Engineering, University of Electronic Science and Technology of China, Chengdu 611731, China
  • Received:1900-01-01 Revised:1900-01-01 Online:2012-01-21 Published:2012-01-21

摘要: 基于签密方案,Liu-Xu构造了一个高效的无证书两方认证密钥协商协议。对Liu-Xu的方案进行安全性分析,指出由于传送消息存在冗余,该方案不具有强安全性。该方案不能抵抗被动攻击和主动攻击。提出一个改进的方案来修正上述问题,新方案没有使用签密方案。分析结果表明,新协议的效率和安全性提高明显。

关键词: 签密, 密钥协商, 强安全性, 冗余, 被动攻击, 主动攻击

Abstract: Based on signcryption scheme, Liu-Xu proposes an efficient certificateless authenticated two-party key agreement protocol. Security analysis shows that the scheme hasn’t achieved strong security due to redundancy of the exchange messages. The scheme is vulnerable to passive attack and active attack. To overcome the problem mentioned above, an improved scheme without using signcryption scheme is proposed. Analysis result proves that the efficiency and security of the proposed protocol is improved.

Key words: signcryption, key agreement, strong security, redundancy, passive attack, active attack