当前位置: X-MOL 学术Int. J. Inf. Secur. › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
Public key versus symmetric key cryptography in client–server authentication protocols
International Journal of Information Security ( IF 2.4 ) Pub Date : 2021-03-08 , DOI: 10.1007/s10207-021-00543-w
An Braeken

Every month, several new protocols are popping up, comparing themselves with a few others and claiming to outperform the whole state of the art. The most popular domain of protocols is the one for authentication in a client–server architecture for which both symmetric key- and public key-based protocols are being proposed. The usage of public key-based mechanisms has several consequences, not only with respect to an increased computational and communication cost, but also with respect to increased possibilities to strengthen the protocol by making it resistant against a semi-trusted third party. On the other hand, we also recall that symmetric key-based protocols can already offer a nice set of security features. We see a trend in the current generation of papers published on public key-based client–server authentication protocols, showing that only a very limited amount of them really exploit the power that public key cryptography can offer with respect to this privacy towards a semi-trusted third party, and most of them do not even satisfy the same security features able to be also realised by a much more efficient symmetric key-based protocol. This paper serves as a warm wake-up call to all protocol designers to rethink the usage of more heavyweight constructions compared to symmetric key-based mechanisms in order to ensure that if they are used, they also fully exploit their inherent strength.



中文翻译:

客户端-服务器身份验证协议中的公钥和对称密钥加密

每个月,都会弹出一些新协议,将它们与其他协议进行比较,并声称其性能要优于整个技术水平。协议中最流行的领域是在客户端-服务器体系结构中进行身份验证的领域,为此提出了基于对称密钥和公共密钥的协议。基于公共密钥的机制的使用不仅会带来增加的计算和通信成本,而且还会导致通过增强对半受信任的第三方的抵抗力来增强协议的可能性,从而带来多种后果。另一方面,我们还记得基于对称密钥的协议已经可以提供一组不错的安全功能。我们看到当前有关基于公钥的客户端-服务器身份验证协议的论文的趋势,这表明只有极少数的服务器真正利用了公钥密码技术可以提供这种能力以保护半信任的第三方,并且其中大多数甚至不满足相同的安全功能,这些功能也可以通过以下方式实现:一种更有效的基于对称密钥的协议。本文是对所有协议设计者的热烈呼吁,与基于对称密钥的机制相比,它重新考虑使用更重量级的结构,以确保如果使用它们,它们也将充分利用其固有的优势。它们中的大多数甚至不满足相同的安全功能,而这些安全功能也可以通过更高效的基于对称密钥的协议来实现。本文是对所有协议设计者的热烈呼吁,与基于对称密钥的机制相比,它重新考虑使用更重量级的结构,以确保如果使用它们,它们也将充分利用其固有的优势。它们中的大多数甚至不满足相同的安全功能,而这些安全功能也可以通过更高效的基于对称密钥的协议来实现。本文是对所有协议设计者的热烈呼吁,与基于对称密钥的机制相比,它重新考虑使用更重量级的结构,以确保如果使用它们,它们也将充分利用其固有的优势。

更新日期:2021-03-08
down
wechat
bug