Research On Password-Based Three-Party Authenticated Key Exchange Protocol

With the rapid development of network and information technology, the demand for information security and privacy protection increases. Secure cryptography system is essential for communication on a public insecure channel. The core secret of secure cryptography system is the key. How to protect the security of these keys is what key management needs to study. With the development of modern cryptography, authenticated key exchange, as a part of key management, has become one of the most important problems in cryptography research. In this paper, we review the development of authenticated key exchange protocol and analyze the pros and cons of key exchange protocols in different authenticated mechanisms. Among the authenticated key exchange protocols, password-based three-party authenticated key exchange protocol has the property that human-memorable password, easy maintenance, scalability and so on, thus has been widely used in modern communication networks. However due to the inherent defects of password generation, the password is a secret of low entropy value and is vulnerable to password guessing attacks. So far most password-based authenticated key exchange protocols cannot meet the security requirements. There are still problems to study about password-based three-party authenticated key exchange protocol.In this thesis, we discussed the security models of such protocols and analyzed its security. Through analysis, we found some vulnerabilities in protocol design and launched some attacks. Through deep research, we proposed a strong password-based three-party authenticated key exchange protocol, based on the computational Diffie-Hellman assumption and one-way hash function. We also analyzed the security of the protocol and gave the proof. The result of comparison with other protocols shows that our protocol is secure and efficient and meets a series of security property. Meanwhile, as to the key compromise of the trusted server, we also proposed a variety of protocol based on password verifier.