共查询到19条相似文献,搜索用时 187 毫秒
1.
Internet快速发展要求向支持主机移动扩展,而网上的许多应用要求网络支持多点传送机制。多点传送技术在移动Internet环境中的应用变得十分重要。文中介绍了移动Internet中IP多点传送的技术,对其中的一些问题进行了讨论。 相似文献
2.
3.
4.
本文介绍了UDPSockets的基本概念和IP多点传送的原理,详细讨论了Java中的相关类及使用方法,提供了一个IP多点传送的开发流程。 相似文献
5.
针对现有的RFID认证协议所面临的安全隐私保护问题,利用Hash函数加密的方法,提出了一种能抵抗拒绝服务攻击且高效的RFID安全认证协议。通过在阅读器上进行随机数的比较与识别,从而使该协议可抵抗拒绝服务攻击,并且在后台数据库中存储标签标识符的两种状态,以便实现电子标签与后台数据库的数据同步。从理论上分析了协议的性能和安全性,并利用BAN逻辑对协议的安全性进行了形式化证明。分析结果表明,该协议能够有效地实现阅读器和电子标签之间的相互认证,能有效地抵抗拒绝服务攻击且与其他协议比较,整个RFID系统的计算量减小,适用于大规模使用标签的RFID系统。 相似文献
6.
7.
SPA(Simple Power Analysis)攻击可能通过泄露的信息获取内存受限制的设备中的密钥,它是通过区分一次点乘运算中点加运算和倍点运算进行的。抗SPA攻击的点乘算法较多,但对于多点乘算法相关措施较少。Sharmir—NAF多点乘算法是一个时间和空间效率都非常优秀的多点乘算法。为此提出一种基于Sharmir—NAF的抗SPA攻击的多点乘算法。新的算法在内存空间消耗和计算速度上较原算法负担增加可以忽略不计,而且能够抗SPA攻击。 相似文献
8.
9.
10.
一种远程动态身份认证方案 总被引:1,自引:0,他引:1
动态口令认证机制已逐渐成为主流的认证趋势。介绍、分析SAS认证方案,针对其无法抵御拒绝服务攻击和不提供双向认证的安全缺陷,提出一种新的动态身份认证方案,给出具体的注册过程和认证过程,进行安全性分析。 相似文献
11.
12.
13.
Prashant Rajvaidya Krishna N. Ramachandran Kevin C. Almeroth 《Journal of Network and Systems Management》2004,12(3):297-326
A lack of mechanisms to monitor and manage multicast networks has adversely affected progress in several areas critical for successful deployment. One such area involves discovering and solving multicast security vulnerabilities. Although a number of vulnerabilities exist, the most troubling are a set of easily exploited Denial-of-Service (DoS) attacks. The main reason for this concern is that the one-to-many nature of multicast can significantly magnify the effects of these attacks. Among the possible multicast DoS attacks, those that target the the Multicast Source Discovery Protocol (MSDP) can be most damaging. MSDP vulnerabilities are unusually easy to exploit and can lead to infrastructure-wide damage. In this paper, our goal is to develop a security framework that protects against DoS attacks through detection and then deflection. In developing our framework, we first examine the vulnerability of multicast protocols, to DoS attacks. We use data collected with our global monitoring infrastructure, Mantra, to analyze the nature and effects of attacks that have already occurred. We then create additional, more virulent strains. Finally, we propose a family of solutions to detect and deflect the effects of each attack. Our techniques are evaluated by simulating their effectiveness against both real and simulated workloads. 相似文献
14.
安全组播通信的主要挑战之一是源认证,而其关键是为组播通信提供可靠的安全机制。然而,现在的组播协议仅提供部分解决办法。鉴于这些原因,作者首先阐述组播通信的主要安全问题——源认证。其次,基于发送方和接收方间初始的不精确时间同步,提出了一个非常有效的方法,此方法能作到数据包一到,就允许接收方认证大部分包。 相似文献
15.
在组播认证协议TESLA的基础上引入消息分散算法,提出一个全新的组播认证协议,它能够为不稳定信道上的组播通信提供实时认证。文章最后给出了该协议详细的性能分析。该文提出的组播认证协议是要为每个数据包增加60~80字节的认证信息就可以为很高丢包率(≈50%)的组播通信提供99%以上的实时认证率。协议还增加了系统的可扩展性,可以为分布更广、组员规模更大的组播应用提供安全认证。 相似文献
16.
组播分组数据源鉴别综述 总被引:2,自引:0,他引:2
对组播分组数据源鉴别领域的现有研究成果进行了系统的分类和总结,指出了它们各自存在的优缺点;提出了一个公开问题——分组Hash有向图鉴别问题;指出了该领域的一些可能发展方向。 相似文献
17.
《Computer Communications》2007,30(1):117-121
Remote user authentication based on passwords over untrusted networks is the conventional method of authentication in the Internet and mobile communication environments. Typical secure remote user access solutions rely on pre-established secure cryptographic keys, public-key infrastructure, or secure hardware. Recently, Peyravian and Jeffries proposed password-based protocols for remote user authentication, password change, and session key establishment over insecure networks without requiring any additional private- or public-key infrastructure. In this paper we point out security flaws of Peyravian–Jeffries’s protocols against off-line password guessing attacks and Denial-of-Service attacks. 相似文献
18.
Many techniques for multicast authentication employ the principle of delayed key disclosure. These methods introduce delay in authentication, employ receiver-side buffers, and are susceptible to denial-of-service (DoS) attacks. Delayed key disclosure schemes have a binary concept of authentication and do not incorporate any notion of partial trust. This paper introduces staggered timed efficient stream loss-tolerant authentication (TESLA), a method for achieving multigrade authentication in multicast scenarios that reduces the delay needed to filter forged multicast packets and, consequently, mitigates the effects of DoS attacks. Staggered TESLA involves modifications to the popular multicast authentication scheme, TESLA, by incorporating the notion of multilevel trust through the use of multiple, staggered authentication keys in creating message authentication codes (MACs) for a multicast packet. We provide guidelines for determining the appropriate buffer size, and show that the use of multiple MACs and, hence, multiple grades of authentication, allows the receiver to flush forged packets quicker than in conventional TESLA. As a result, staggered TESLA provides an advantage against DoS attacks compared to conventional TESLA. We then examine two new strategies for reducing the time needed for complete authentication. In the first strategy, the multicast source uses assurance of the trustworthiness of entities in a neighborhood of the source, in conjunction with the multigrade authentication provided by staggered TESLA. The second strategy achieves reduced delay by introducing additional key distributors in the network. 相似文献