以密碼為基礎的動態會議金鑰系統

Abstract

要在開放式的網路上召開一個會議而不被竊聽，所有的會議參與者在召開會議前，應該要先建立起一個共同的會議金鑰，以用來加密通訊的內容。但為了防止惡意的參與者蓄意欺騙，使得正確的參與者不能計算出共同的會議金鑰值，所以如何讓合法的使用者建立同樣的會議金鑰值，就是一個重要的問題。 以往會議參與者的身份認證是用人類難以記憶長度的金鑰值，例如：公開金鑰系統，這限制了參與者的活動性，因此如何使用人類可記憶的密碼當金鑰值，是一個值得研究的方向。此外，由於現今網路系統的高變動性，使得會議參與者的變動性變得更加頻繁，如何在較少回合數達到參與者的加入與離開，是另一個值得研究的方向。 因此在本篇論文中，提出一個可以讓合法參與者以密碼當身份認證，並且在較少的回合數裡，建立正確會議金鑰與處理參與者變動性的協定。

We want to hold a conference via an open Internet, and no passive adversary can eavesdrop the communication. Then all participants should establish a common conference key to encrypt the communication before we start a conference. Futhermore, for the sake of preventing some malicious participants prepensely cheating honest participants to compute the different conference keys, there is a very important issue how to let honest participants establish the common conference key. Formerly, participants use keys that people are hard to memorize then to authenticate themself, for example, Public key system, this limits the move of participants. Therefore, there is a research-worthy issue how to use passwords that people can memorize then easlily as keys. Besides these, due to the variation of moderm network system, the variations of participants become more frequent. There is another research-worhty issue how participant join and leave in less rounds. Thus, in this paper, we proposed one reoound-efficient conference agreement protocol that honest participants can use password to authenticate themself and protocol can deal with the variations of participants.