Gateway-oriented password-based authenticated key exchange (GPAKE) protocal is a three-party protocol, which allows a client and a gateway to establish a common session key with the help of an authentication server.To date, most of the published protocols for GPAKE were based on Diffie-Hellman key exchange.This paper presents the first provably-secure GPAKE protocol using RSA.It is based on the protocol PEKEP of Zhang and is provably-secure in the random oracle model under the RSA assumption.Furthermore, the proposed protocol can resist both e-residue and undetectable on-line dictionary attacks.%网关口令认证密钥交换协议是一个三方协议,使得用户和网关在服务器的协助下建立起一个安全的会话密钥,从而实现用户和网关之间的安全通信.已有的网关口令认证密钥交换协议都是基于Diffie-Hellman密钥交换设计的.利用张木想所设计的PEKEP协议,提出了基于RSA体制的可证明安全的网关口令认证密钥交换协议.在随机预言模型下,基于RSA假设证明了协议的安全性.该协议可以抵抗e次剩余攻击和不可检测在线字典攻击.
展开▼
