The Research On Password-based Key Agreement Protocols

In today’s increasingly complex network environment, how to ensure the security of session among participants is a hot research point concerned by people. Key establishment is an information security technique that enables communicating entities establishes a session key known only to them, with some assurance that they know each other’s identities. This session key can be applied to subsequent network systems including live conference, online video games, collaborative work spaces and much more. A password-based authenticated key agreement (PAKA) protocol is a type of key establishment protocol in which the long-term keys of the clients are human-memorable passwords. These are much more convenient than using additional cryptographic devices capable of storing high-entropy secret keys, but the protocol design is harder because their entropy is low. PAKA protocols have been extensively studied since such protocols avoid that the protocols based on PKI.The main works in this thesis are listed as follows:We summarize some methods to analyze security of key agreement and compare them. We also summarize the attacks against the key agreement protocols and point out the basic security goals for secure key agreement protocols.We analyze two two-party password-based authenticated key agreement protocols which are provably secure in standard models and point out these two protocols cannot resist active attacks initiated by outside adversary. We also research the proof processes for the two protocols and find the drawbacks.We propose a new three-party password-based authenticated key agreement protocol on the elliptic curve cryptosystem, the security of the new protocol is based on the discrete logarithm on elliptic curve, the server need not be completely trusted. The results of security analysis and efficiency analysis show that the new protocol realizes the secure communication under the low computational cost.We analyze the three-party password-based authenticated key agreement protocol proposed by Gaoyou Huang, Wenhua Chu and Xiong Wang and find that if the verification values are stolen or lost, the adversary can initiate the man-in-the-middle attack. We describe this attack and propose an improved protocol. The security analysis and the efficiency analysis show that our new protocol can realize the secure communication using lower computational cost.