Cross-realm client-to-client password-authenticated key exchange(C2C-PAKE) protocols are important in web communication. But most C2C-PAKE protocols can not resist password-compromise impersonation attack. This paper provides a new cross-realm C2C-PAKE protocol with signature scheme and low communication cost. Then the security of the protocal is proved under general model. The new protocol can be resistant to many attacks such as password-compromise impersonation attack and so on. Furthermore, this protocol provides the property of the perfect forward secrecy.%跨域客户到客户基于口令认证的密钥交换(C2C-PAKE)协议具有重要的应用价值.但是,目前的大部分C2C-PAKE协议都无法抵抗口令泄露攻击.该文给出了一个新的跨域客户到客户的口令认证密钥交换协议.该协议带有签名体制且交互次数较少.随后,在一般模型下对给出的协议进行了安全性证明.该协议可以抵抗口令泄露等各种攻击,并且具有前向安全性质.
展开▼