使用ElGamal加密機制的通行碼驗證與金鑰交換協定

Abstract

兩個人Alice和Bob共有一個通行碼(短，較不安全)，欲用該通行碼來驗證對方身份並產生一把交談金鑰(長，較安全)，之後利用這把交談金鑰來對欲傳送的資料做加密，避免資料在不安全的網路上傳送時被攻擊者擷取而得知內容。這個問題稱為通行碼驗證與金鑰交換問題。 由於雙方事先所共有的通行碼的長度要為人類所能輕易記住的大小，但這卻代表通行碼容易遭受到一些特殊攻擊法的攻擊，例如：竊聽攻擊法、重送攻擊法、字典攻擊法…等，而被攻擊者得到這珍貴的通行碼。 因此在本篇論文中，提出一個通行碼驗證與金鑰交換協定，能夠抵擋這些攻擊法，並對我們提出的協定做一個完整的安全性證明。

Alice and Bob have shared a password (short, insecure), they want to authenticate each other and generate a session key(long, secure) by this password; then using this session key to encrypt messages between them and avoiding the data or information been intercepted by attacker on the insecure internet transmission and cause the intruders get the substance. This problem is called "Password-authenticated key exchange problem". Due to the length of their share password must be easy to remember for people, it means password can be attacked by some special facility approach. For example, Eavesdropping attack、Replay attack、Dictionary attack…etc. and then cause it lose the valuable password. Therefore, in this paper, we propose a password-authenticated key exchange protocol that can be able to resist those attack, and moreover providing a complete and security proof of the protocol that we proposed.