| In cryptography,computational security which relies on finite computing power is used to analyze the security of cryptography scheme. Although it is not perfect security, it can meet the security need of most practical applications and is widely used in modern cryptography. As an important cryptograpy scheme, Message Authentication Code(MAC) is an important way to protect data integrity and security. A key derivation function(KDF)as the core part of MAC as well aspassword-based authentication scheme can beapplied not only as password_based key derivation function but also as authentication scheme.In this paper, we use thecomputational theory to conduct research on the password-based authentication mechanismof the key derivation function PBKDF2. We take Mac OS X Mountain Lion as an example to study its authentication scheme and evaluate its security. We also propose a new password authentication mechanism FKDF-MAC. The main results in our study are as follows:(1) According to the Adversary’s Advantage of PBKDF2in Mac OS X authentication scheme, the security of MAC depends on password space and the computational power of the adversary.Then we propose two optimization schemes that increase the computational power4times.We exhaust password search experiment simulating attacks on the NVIDIA GPU graphics card to analysize how the computational power impacts on its security, and give advice on setting user’s password and password space.(2) We propose a new MAC(denoted FKDF-MAC) with a feedback mode,which is based on PBKDF2.Then we analysize its security with provable security theory.Finally,we instantiate FKDF-MAC on NVIDIA GPU graphic cards,construct exhaustive password search experiments, to analyze how different password space impacts its security.. |
PDF Full Text Request