Excerpt from the paper
In this paper, a general framework for designing and analyzing password-based security protocols is presented. First, we introduce the concept of “weak computational indistinguishability” based on current progress in password-based security protocols. Then, we focus on the cryptographic foundations for password-based security protocols, i.e., the theory of “weak pseudorandomness”. Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to the design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., a password-based session key distribution (PSKD) protocol and a protected password change (PPC) protocol. In addition to having forward secrecy and improved efficiency, the new protocols are proved secure.