一种增强的ZRTP认证机制

ZRTP本身的认证机制在一些特殊的情况下无法抵抗中间人攻击。为此,基于简单密钥协商协议(SAKA)提出一种NSAKA算法,改进ZRTP的认证机制,使用RFC4474中的SIP身份认证模型来安全传输用户预共享的秘密口令。通过分析表明,该方案可以提高ZRTP抵抗中间人攻击的能力,并弥补SAKA算法原有的安全缺陷。     

一个改进的简单可认证密钥协商协议

简单可认证的密码协商协议（SAKA）是由Seo和Sweeney提出的,它是在Diffie-Hellmen协议基础上进行改进,目的是通信双方提供一个可认证的安全会话密钥的协商机制。本文将在SAKA的基础上,提出一个改进的方案,该改进版可以抵抗已提出的对SAKA的伪造攻击。     

基于Diffie-Hellman算法的可否认认证协议

提出了一种可否认的认证协议，该协议能够抵抗中间人攻击，在电子选举以及网上谈判等场合保证了公平性以及安全性，协议基于Diffie-Hellman算法，利用了Hash函数以及传统的密钥加密，实现简单。     

辫群上密钥协商协议的改进与安全性分析

对辫群上密钥协商协议进行安全性分析,指出该协议无法抵抗中间人攻击,在密钥协商协议基础上,提出一种改进的密钥协商协议。该协议在密钥协商的过程中,采用辫群上的数字签名进行认证,有效防止中间人攻击和重放反射攻击。分析结果验证了该协议的安 全性。     

一种改进的基于标签部分ID的RFID密钥无线生成算法

针对无线射频识别系统存在的初始密钥易泄露的安全问题,提出了一种基于标签部分ID的RFID密钥无线生成算法。在标签与读写器认证之前,通过标签部分ID与读写器生成的随机数进行异或运算生成共享密钥。安全性分析表明,该算法能够有效地抵抗重放攻击、中间人攻击和去同步化攻击等主动攻击及被动攻击,具有安全性高、成本低的优点。     

一种可证安全的两方口令认证密钥交换协议

口令认证的两方密钥交换协议无法抵御口令字典攻击和服务器泄漏伪装攻击。为此,提出一种改进的PAKA-X协议,用户保存自己的口令明文,服务器存储用户口令明文的验证值,由此弥补原协议的安全漏洞。理论分析结果表明,改进协议具有完美前向安全性,能抵抗Denning-Sacco攻击、服务器泄漏攻击、在线和离线字典攻击以及中间人攻击,并且仅需9次指数运算、6次哈希运算和6次异或运算,运行效率较高。     

一种无线认证密钥协商协议

提出一种新的无线局域网认证密钥协商协议,可以提供双方相互认证及密钥确认。该协议在密钥设置上基于挑战响应协议和KAS方案,在密钥预分配上基于Diffie—Hellman协议,可以提供完美前向安全性,抵抗被动攻击、字典攻击、中间人攻击、假冒攻击等。并对协议的计算代价和通信代价进行分析。     

一种三方认证密钥协商协议的分析与改进

大多数三方认证密钥协商协议不能抵抗中间人攻击。为此,对Tan提出的三方认证密钥协商协议(Journal of Communications, 2010, No.5)进行分析,证明其不能抵抗发起者假冒攻击、响应者假冒攻击及中间人攻击,并利用单向哈希函数和椭圆曲线密码学技术对协议进行改进。理论分析与形式化证明结果表明,改进协议继承了原协议的安全性,并能抵抗假冒攻击及中间人攻击。     

一种新的双方认证密钥协商协议的安全性分析

2010年,Mohammad等人提出了一种新的双方认证密钥协商协议(MOHAMMAD Z, CHEN Y, HSU C, et al. Cryptanalysis and enhancement of two-pass authenticated key agreement with key confirmation protocols. IETE Technical Review, 2010,27(3):252-65)。新协议以较高的运算效率实现了参与者双方的身份认证和密钥协商。对该协议的单轮版本进行了安全性分析,通过模拟协议中某些信息丢失后协议双方的通信过程,发现如果协议中的一些秘密信息丢失,敌手可以发起信息泄露伪装攻击、密钥泄露伪装攻击和一般定义下的伪装攻击,也无法抵抗中间人攻击。这些攻击都可以使得敌手冒充合法参与者发起或回应会话。     

基于身份的P2PSIP可认证密钥协商方案

为解决点对点会话初始协议(P2PSIP)的安全性问题,根据其分布式特点,结合身份公钥密码,提出一种可认证密钥协商方案。分析其安全性、运算效率和密钥托管等问题。该方案可以实现P2PSIP呼叫过程的双向身份认证和密钥协商,抵抗中间人攻击、重放攻击和离线密码攻击,防止消息体篡改、会话劫持和身份欺骗。     

一种无证书认证密钥协商协议的分析与改进*

研究无证书公钥密码系统中两方认证密钥协商协议问题。对Liu xu的无证书两方认证密钥协商协议进行安全性分析,指出该方案不具有强安全性。该方案不能抵抗密钥泄露伪装攻击和临时私钥泄露攻击。分析了方案不安全的原因,在此基础上提出一个改进的方案来修正Liu xu的方案。因此,设计看似安全的无证书两方认证密钥协商协议并不困难,但要给出协议的安全性证明并不容易。     

Side-Channel Analysis for the Authentication Protocols of CDMA Cellular Networks

Time-division multiple access (TDMA) and code-division multiple access (CDMA) are two technologies used in digital cellular networks. The authentication protocols of TDMA networks have been proven to be vulnerable to side-channel analysis (SCA), giving rise to a series of powerful SCA-based attacks against unprotected subscriber identity module (SIM) cards. CDMA networks have two authentication protocols, cellular authentication and voice encryption (CAVE) based authentication protocol and authentication and key agreement (AKA) based authentication protocol, which are used in different phases of the networks. However, there has been no SCA attack for these two protocols so far. In this paper, in order to figure out if the authentication protocols of CDMA networks are sufficiently secure against SCA, we investigate the two existing protocols and their cryptographic algorithms. We find the side-channel weaknesses of the two protocols when they are implemented on embedded systems. Based on these weaknesses, we propose specific attack strategies to recover their authentication keys for the two protocols, respectively. We verify our strategies on an 8-bit microcontroller and a real-world SIM card, showing that the authentication keys can be fully recovered within a few minutes with a limited number of power measurements. The successful experiments demonstrate the correctness and the effectiveness of our proposed strategies and prove that the unprotected implementations of the authentication protocols of CDMA networks cannot resist SCA.     

基于ECDLP的SIP认证密钥协商协议

SIP协议是应用层控制协议,为了提高SIP协议的安全性,文中基于椭圆曲线离散对数问题的难解性,结合用户身份、用户口令及单向陷门函数F(),提出了一种基于ECDLP的SIP认证密钥协商协议.协议过程主要由初始化、注册、登录认证、口令修改四部分组成.安全分析表明,该协议实现了双向认证、提供了安全会话密钥,能抵抗口令猜测攻击、中间人攻击、重放攻击、冒充攻击、Denning-Sacco攻击等.与相关协议比较,本文所提出的基于ECDLP的SIP认证密钥协议具有更高的安全性,能更好的满足应用需求.     

An efficient client–client password-based authentication scheme with provable security

Recently, Tso proposed a three-party password-based authenticated key exchange (3PAKE) protocol. This protocol allows two clients to authenticate each other and establish a secure session key through a server over an insecure channel. The main security goals of such protocols are authentication and privacy. However, we show that Tso’s protocol achieves neither authentication goal nor privacy goal. In this paper, we indicate that the privacy and authentication goals of Tso’s protocol will be broken by off-line password guessing attack and impersonation attack, respectively. To overcome the weaknesses, we propose an improved 3PAKE protocol to achieve more security and performance than related protocols. The security of the proposed improved protocol is proved in random oracle model.     

An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards

Generally, if a user wants to use numerous different network services, he/she must register himself/herself to every service providing server. It is extremely hard for users to remember these different identities and passwords. In order to resolve this problem, various multi-server authentication protocols have been proposed. Recently, Sood et al. analyzed Hsiang and Shih's multi-server authentication protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication, the session key agreement and can resist several kinds of attacks. However, through careful analysis, we find that Sood et al.'s protocol is still vulnerable to leak-of-verifier attack, stolen smart card attack and impersonation attack. Besides, since there is no way for the control server CS to know the real identity of the user, the authentication and session key agreement phase of Sood et al.'s protocol is incorrect. We propose an efficient and security dynamic identity based authentication protocol for multi-server architecture that removes the aforementioned weaknesses. The proposed protocol is extremely suitable for use in distributed multi-server architecture since it provides user's anonymity, mutual authentication, efficient, and security.     

基于椭圆曲线的跨域端到端口令认证密钥协商协议

跨域端到端口令认证密钥协商协议(C2C-PAKA)的主要目的是使分布在不同域中持有不同口令的两个客户端可以在各自服务器的协助下实现相互认证并协商出共同的会话密钥。本文中,我们基于椭圆曲线上的离散对数问题,在直接通信架构下给出一个跨域的口令认证的密钥协商协议。该协议中,诚实的服务器是不能获取任何关于会话密钥的值。各参与方之间能够实现相互认证。与同类协议比较,该协议具有较小的通信负担和计算负担,更易于实现。此外,协议还能够抵抗字典攻击、口令泄露模仿攻击和未知会话密钥共享攻击等通用攻击类型,同时能够实现前向安全、无密钥控制和已知会话密钥安全等安全属性。     

Security weakness of Tseng’s fault-tolerant conference-key agreement protocol

A fault-tolerant conference-key agreement protocol establishes a shared key among participants of a conference even when some malicious participants disrupt key agreement processes. Recently, Tseng proposed a new fault-tolerant conference-key agreement protocol that only requires a constant message size and a small number of rounds. In this paper, we show that the Tseng’s protocol cannot provide forward and backward confidentiality during a conference session for the proposed attack method. We also show that a simple countermeasure—re-randomizing short-term keys of some participants—to avoid the proposed attack can be broken by extending the proposed attack method.