Similar literature
 20 similar documents found (search time: 46 ms)
1.
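In response to ever-higher demands on the functionality and security of wireless communication networks, this paper proposes an extended WTLS (Wireless Transport Layer Security) protocol based on EC_DH key exchange and on RSA key exchange. It first analyses the security problems of WTLS within the WAP security architecture. Then, with respect to data confidentiality, integrity, and the authorization and authentication performed on mobile phones and other wireless terminals, it proposes a solution to the vulnerabilities; the improved protocol adds a certificate-issuing process. Finally, a case study demonstrates the security of the protocol. The results show that the WTLS protocol is a higher-security protocol and has significant value and research significance in wireless communication networks.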

2.
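华宇, 《信息技术》 (Information Technology), 2006, 30(8): 135-138
WAP is the main global standard for mobile terminals accessing wireless information services. This paper introduces the main content of each protocol layer of the WAP protocol used in wireless communication, discusses the security protocol within WAP, the Wireless Transport Layer Security (WTLS) protocol, and finally describes some deficiencies in current WAP applications.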

3.
Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However, confidentiality is an important requirement of fair exchange e-commerce protocols. In this paper, a new concept called concurrent signcryption is introduced, which combines the concepts of concurrent signature and signcryption to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings, our scheme enjoys shorter message length and less operation cost. Moreover, in our scheme the two ambiguous signcryptions can be published in any order.

4.
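This paper introduces the Wireless Transport Layer Security (WTLS) specification in the Wireless Application Protocol (WAP), explains the mechanisms by which WTLS addresses wireless Internet security problems and their effectiveness, and points out some potential security problems that remain to be solved.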

5.
As mobile networks are springing up, mobile devices have become a must-have gadget in our daily life. People can easily access Internet application services anytime and anywhere via hand-carried mobile devices. Most modern mobile devices are equipped with a GPS module, which can help get the real-time location of the mobile device. In this paper, we propose a novel authentication scheme which exploits volatile passwords—One-Time Passwords (OTPs) based on the time and location information of the mobile device to transparently and securely authenticate users while accessing Internet services, such as online banking services and e-commerce transactions. Compared to a permanent password based scheme, an OTP based one can prevent users from being eavesdropped. In addition to a memoryless feature, the scheme restricts the validness of the OTP password not only in a certain time period but also in a tolerant geometric region to increase the security protection. However, if a legitimate user is not in the anticipated tolerant region, the user may fail to be authenticated. Hence, a Short Message Service based mutual authentication mechanism is also proposed in the article to supplement the unexpected misjudgement. The proposed method with a volatile time/location-based password is more secure and more convenient for user authentication.

6.
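WAP is an open communication protocol proposed by the WAP Forum; the WAP gateway performs protocol conversion and is the hub through which mobile terminals wirelessly access the Internet. After a brief introduction to the Wireless Application Protocol, a design and implementation of a WAP gateway (data communication gateway) running on the Linux operating system is presented. The WAP gateway consists of a bearer-layer module, a WAP module and an SMS module. The working principles of the bearer-layer module and the WAP module are described in detail, the gateway is tested in a laboratory environment, and the test results are given.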

7.
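To address the shortcomings of public mobile networks in guaranteeing end-to-end security, a design for authentication and key agreement in a secure private network is proposed, based on an improved Diffie-Hellman key exchange mechanism. Building on the terminal's access to the public mobile network, the scheme achieves end-to-end mutual authentication between the communicating parties and negotiates a key that is independent of the network. Performance analysis shows that the scheme is structurally simple, secure and efficient, and meets the requirements of mobile communication systems.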

8.
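The existing AKA-based authentication architecture in the mobile Internet is prone to single points of failure and to malicious registration attacks against the server, and the 3GPP-AKA protocol itself has security flaws. This paper improves the original authentication model, proposes an authentication server deployment scheme based on a P2P architecture, improves the AKA authentication flow, and finally analyses the security of the scheme.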

9.
We present MAGICS, a mobile agent-based system for supporting business-to-consumer electronic commerce (e-commerce) or mobile commerce (m-commerce) applications. To use the system, consumers first provide their buying requirements to a proxy/agent server through a Web browser or a wireless application protocol (WAP) terminal. Having obtained the requirements, mobile agents are generated to carry out tasks for the consumers including getting offers from merchants, evaluating offers, and even completing purchases. In the case of mobile commerce, consumers can generate a mobile agent to conduct a search and evaluation in the digital marketspace before making a purchase in the physical marketplace. To make it possible to choose an offer that best satisfies the consumer's requirement(s), we present a mathematical model for evaluating multiple decision factors. To test the basic functions of the mobile agent-based Internet commerce system (MAGICS), we have built a prototype system. To minimize the average cost of a product (including the cost of sending agents), we have also developed an analytical model that can determine how many agents should be sent to compare prices. Four different price distributions and some real price information are analyzed based on the model. The analysis provides valuable insights into the design of mobile agent-based shopping applications for m-commerce, in particular, and for e-commerce, in general.

10.
A mobile pay‐TV service is one of the ongoing services of multimedia systems. Designing an efficient mechanism for authentication and key distribution is an important security requirement in mobile pay‐TV systems. Until now, many security protocols have been proposed for mobile pay‐TV systems. However, the existing protocols for mobile pay‐TV systems are vulnerable to various security attacks. Recently, Wang and Qin proposed an authentication scheme for mobile pay‐TV systems using bilinear pairing on elliptic curve cryptography. They claimed that their scheme could withstand various attacks. In this paper, we demonstrate that Wang and Qin's scheme is vulnerable to replay attacks and impersonation attacks. Furthermore, we propose a novel security protocol for mobile pay‐TV systems using the elliptic curve cryptosystem to overcome the weaknesses of Wang and Qin's scheme. In order to improve the efficiency, the proposed scheme is designed in such a way that it needs fewer scalar multiplication operations and does not use bilinear pairing, which is an expensive cryptographic operation. Detailed analyses, including verification using the Automated Validation of Internet Security Protocols and Applications tool and implementation on FPGA, demonstrate that the proposed scheme not only withstands active and passive attacks and provides user anonymity but also has a better performance than Wang and Qin's scheme.

11.
Debiao He 《Ad hoc Networks》2012,10(6):1009-1016
With the continued evaluation of mobile devices in terms of the capabilities and services, security concerns increase dramatically. To provide secured communication in mobile client–server environment, many user authentication protocols from pairings have been proposed. In 2009, Goriparthi et al. proposed a new user authentication scheme for mobile client–server environment. In 2010, Wu et al. demonstrated that Goriparthi et al.’s protocol fails to provide mutual authentication and key agreement between the client and the server. To improve security, Wu et al. proposed an improved protocol and demonstrated that their protocol is provably secure in random oracle model. Based on Wu et al.’s work, Yoon et al. proposed another scheme to improve performance. However, their scheme just reduces one hash function operation at both the client side and the server side. In this paper, we present a new user authentication and key agreement protocol using bilinear pairings for mobile client–server environment. Performance analysis shows that our protocol has better performance than Wu et al.’s protocol and Yoon et al.’s protocol. Then our protocol is more suited for mobile client–server environment. Security analysis is also given to demonstrate that our proposed protocol is provably secure against previous attacks.

12.
We introduce the idea of a forward‐secure undetachable digital signature (FS‐UDS) in this paper, which enables mobile agents to generate undetachable digital signatures with forward security of the original signer's signing key. The definition and security notion of an FS‐UDS scheme are given. Then, the construction of a concrete FS‐UDS scheme is proposed; and the proof of security for the proposed scheme is also provided. In the proposed scheme, mobile agents need not carry the signing key when they generate digital signatures on behalf of the original signer, so the signing key will not be compromised. At the same time, the encrypted function is combined with the original signer's requirement; therefore, misuse of the signing algorithm can be prevented. Furthermore, in the case where a hacker has accessed the signing key of the original signer, he/she is not able to forge a signature for any time period prior to when the key was obtained.

13.
1 Introduction With the introduction of high mobile handsets with increasingly powerful functions and the applications of WAP2.0 with considerably novel technologies, a series of diverse hot WAP services have come into being and have been successfully lau…

14.
Lee and Yeh recently presented a delegation-based authentication protocol for portable communication systems (PCSs), which is claimed to provide non-repudiation in on-line authentication. This investigation indicates that their protocol has a weakness in that a malicious visited location register can forge the authentication messages in off-line authentication processes, preventing mobile users from obtaining non-repudiation in such processes. This study also presents an enhanced protocol, which not only has the same security properties as the original protocol but also avoids the weakness in the original scheme and reduces the computational cost.

15.
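Wireless Transport Layer Security (WTLS) is an optional layer in the WAP (Wireless Application Protocol) protocol. Through an introduction to the basic concepts of WAP and an analysis of the structure of WTLS, and taking existing non-secure WAP gateways into account, the paper proposes an ideal combination of algorithms for implementing WTLS under current economic and material conditions, together with the WTLS implementation flow.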

16.
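Security issues in WAP-based mobile e-commerce   Total citations: 6, self-citations: 0, citations by others: 6
Based on the characteristics of mobile e-commerce, this paper introduces the mobile e-commerce security issues addressed by the WAP Wireless Application Protocol and the security protocol issues of the WTLS wireless transport layer involved in WAP.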

17.
As the core signaling protocol for multimedia services, such as voice over internet protocol, the session initiation protocol (SIP) is receiving much attention and its security is becoming increasingly important. It is critical to develop a robust user authentication protocol for SIP. The original authentication protocol is not strong enough to provide acceptable security level, and a number of authentication protocols have been proposed to strengthen the security. Recently, Zhang et al. proposed an efficient and flexible smart‐card‐based password authenticated key agreement protocol for SIP. They claimed that the protocol enjoys many unique properties and can withstand various attacks. However, we demonstrate that the scheme by Zhang et al. is insecure against the malicious insider impersonation attack. Specifically, a malicious user can impersonate other users registered with the same server. We also proposed an effective fix to remedy the flaw, which remedies the security flaw without sacrificing the efficiency. The lesson learned is that the authenticators must be closely coupled with the identity, and we should prevent the identity from being separated from the authenticators in the future design of two‐factor authentication protocols. Copyright © 2014 John Wiley & Sons, Ltd.

18.
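To address the access authentication problem for mobile terminals in 4G wireless networks, a new secure access authentication scheme is designed based on a self-certified public key system. A protocol derivation system is used to demonstrate the process and steps by which the scheme is formed, and protocol composition logic is used to formally prove the scheme's security properties. The security proof and a comprehensive analysis show that the scheme provides session authentication and key secrecy, resists rogue base station attacks and replay attacks, provides non-repudiation and identity privacy, and also improves the access efficiency of mobile terminals.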

19.
Authentication schemes have been widely deployed for access control and mobility management in various communication networks. Especially, the schemes that are based on multifactor authentication such as on password and smart card come to be more practical. One of the standard authentication schemes that have been widely used for secure communication over the Internet is session initiation protocol (SIP). The original authentication scheme proposed for SIP was vulnerable to some crucial security weaknesses. To overcome the security problems, various improved authentication schemes have been developed, especially based on elliptic curve cryptography (ECC). Very recently, Zhang et al. proposed an improved authentication scheme for SIP based on ECC using smart cards to overcome the security flaws of the related protocols. Zhang et al. claimed that their protocol is secure against all known security attacks. However, this paper indicates that Zhang et al.'s protocol is still insecure against impersonation attack. We show that an active attacker can easily masquerade as a legal server to fool users. As a remedy, we also improve Zhang et al.'s protocol by imposing a little extra computation cost. Copyright © 2014 John Wiley & Sons, Ltd.

20.
Provably Secure On-Demand Source Routing in Mobile Ad Hoc Networks   Total citations: 5, self-citations: 0, citations by others: 5
Routing is one of the most basic networking functions in mobile ad hoc networks. Hence, an adversary can easily paralyze the operation of the network by attacking the routing protocol. This has been realized by many researchers and several "secure" routing protocols have been proposed for ad hoc networks. However, the security of those protocols has mainly been analyzed by informal means only. In this paper, we argue that flaws in ad hoc routing protocols can be very subtle, and we advocate a more systematic way of analysis. We propose a mathematical framework in which security can be precisely defined and routing protocols for mobile ad hoc networks can be proved to be secure in a rigorous manner. Our framework is tailored for on-demand source routing protocols, but the general principles are applicable to other types of protocols too. Our approach is based on the simulation paradigm, which has already been used extensively for the analysis of key establishment protocols, but, to the best of our knowledge, it has not been applied in the context of ad hoc routing so far. We also propose a new on-demand source routing protocol, called endairA, and we demonstrate the use of our framework by proving that it is secure in our model.
