| With the development of computer network and communication technology, it has been very urgent to ensure the information security over the public networks. Authentication is one of the methods to avoid illegal access to the system resources. In recent years, e-commerce and e-government are becoming more and more popular; the security of password authentication protocols are brought to the much attention, there have lots of applications in network communication.This dissertation firstly makes a brief description about authentication protocols and its security. Then, the related mathematical knowledge is reviewed. At last, we research on password authentication and key exchange protocols. The main contributions are as follows:1. We show that four smart card based password authentication protocols are insecure which using timestamp and nonce, respectively.2. We show that a nonce and hash based password authentication and key exchange protocol using smart card is insecure. It cannot resist offline password guessing attack and forgery attack. To avoid these weaknesses, an improvement is proposed.3. An efficient and secure new mutual authentication and key exchange protocol is proposed, which only needs one step to pass through the mutual authentication and is provably secure in random oracle model. |
PDF Full Text Request