Title: Authenticated Key Agreement Protocols with Public Key Certificates
Authors: Kuo-Lung Wang (王國龍)
Dr. Yi-Shiung Yeh (葉義雄)
College of Computer Science, Degree Program in Computer Science
Keywords: key agreement protocol; public key certificate; replay attack; modification attack; man-in-the-middle attack; timestamp; password-based method; Elliptic Curve Cryptography
Issue date: 2002
Abstract: In June 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that uses a password-based method and a modified Diffie-Hellman key agreement protocol to provide key authentication. In fact, the Seo-Sweeney protocol is still vulnerable to the reflective replay attack. From June 1999 to October 2000, three protocols were proposed, and they concentrated on the key validation phase to provide session key authentication. If the key establishment phase has already been attacked, however, validating the session key afterwards seems too late. In 2003, two protocols were proposed that use a pre-shared password method and the concept of a timestamp to solve the problem in the previous three protocols. There are still some problems in the use of a password-based method. In this thesis we propose two novel and practical protocols for authenticated key agreement in the asymmetric (public-key) setting. We adopt timestamps and public-key certificates to deal with some problems caused by the password-based method. We hope our protocols will be more practical and suitable for two arbitrary entities communicating over an insecure network to agree on a shared session key.
URI: http://140.113.39.130/cdrfb3/record/nctu/#NT911706037
http://hdl.handle.net/11536/71330
Appears in collections: Theses