Focusing on remote entity authentication and key exchange in smart-card login systems, this paper proposes a password-based anonymous authenticated key exchange protocol with universally composable security, called πpAKE. The protocol uses anonymity techniques for login, authentication and the management of stored information, and uses the Diffie-Hellman (DH) algorithm to exchange data and generate a temporary session key. This reduces the computational cost of login, and the protocol has forward security. For the formal analysis, the paper builds a universally composable security model for πpAKE based on the ideal functionality for authentication, FAUTH, and the ideal functionality for key exchange, FKE, and proves the security of πpAKE under this model. The results show that the protocol is universally composably secure.