Similar literature
10 similar documents found; search took 93 ms.
1.
We consider deterministic distributed broadcasting on multiple access channels in the framework of adversarial queuing. Packets are injected dynamically by an adversary that is constrained by the injection rate and the number of packets that may be injected simultaneously; the latter we call burstiness. A protocol is stable when the number of packets in queues at the stations stays bounded. The maximum injection rate that a protocol can handle in a stable manner is called the throughput of the protocol. We consider adversaries of injection rate 1, that is, of one packet per round, to address the question if the maximum throughput 1 can be achieved, and if so then with what quality of service. We develop a protocol that achieves throughput 1 for any number of stations against leaky-bucket adversaries. The protocol has $\mathcal{O}(n^2+\text{burstiness})$ packets queued simultaneously at any time, where n is the number of stations; this upper bound is proved to be best possible. A protocol is called fair when each packet is eventually broadcast. We show that no protocol can be both stable and fair for a system of at least two stations against leaky-bucket adversaries. We study in detail small systems of exactly two and three stations against window adversaries to exhibit differences in quality of broadcast among classes of protocols. A protocol is said to have fair latency if the waiting time of packets is $\mathcal{O}(\text{burstiness})$. For two stations, we show that fair latency can be achieved by a full sensing protocol, while there is no stable acknowledgment based protocol. For three stations, we show that fair latency can be achieved by a general protocol, while no full sensing protocol can be stable. Finally, we show that protocols that either are fair or do not have the queue sizes affect the order of transmissions cannot be stable in systems of at least four stations against window adversaries.

2.
A secure and scalable Group Key Exchange system   Total citations: 4, self-citations: 0, citations by others: 4
We present a Group Key Exchange protocol which extends in a natural way the Diffie-Hellman protocol. Our protocol is scalable: it has two rounds (for n>2 parties) and the number of modular exponentiations per user is constant. It is secure against a passive adversary if the Diffie-Hellman problem is intractable.

3.
Very recently, Tu et al. proposed an authentication scheme for session initiation protocol using smart card to overcome the security flaws of Zhang et al.’s protocol. They claimed that their protocol is secure against known security attacks. However, in this paper, we indicate that Tu et al.’s protocol is insecure against impersonation attack. We show that an adversary can easily masquerade as a legal server to fool users. As a remedy, we also improve Tu et al.’s protocol without imposing extra computation cost. To show the security of our protocol, we prove its security in the random oracle model.

4.
Cryptanalysis of simple three-party key exchange protocol   Total citations: 1, self-citations: 0, citations by others: 1
Recently, Lu and Cao published a novel protocol for password-based authenticated key exchanges (PAKE) in a three-party setting in Journal of Computers and Security, where two clients, each shares a human-memorable password with a trusted server, can construct a secure session key. They argued that their simple three-party PAKE (3-PAKE) protocol can resist against various known attacks. In this paper, we show that this protocol is vulnerable to a kind of man-in-the-middle attack that exploits an authentication flaw in their protocol and is subject to the undetectable on-line dictionary attack. We also conduct a detailed analysis on the flaws in the protocol and provide an improved protocol.

5.
The security of the recent quantum multi-signature protocol based on teleportation is analyzed. We show that there are some security vulnerabilities in the protocol. The detailed attack strategies are described from the aspect of participant attack. We also point out that the protocol is not secure against external attack. Finally, we give some possible countermeasures to improve the protocol.

6.
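SGSR: A Secure Routing Protocol for Ad Hoc Networks   Total citations: 3, self-citations: 0, citations by others: 3
As a kind of wireless mobile network, the Ad Hoc network has security problems that attract much attention, especially the security of its routing protocols. Since GSR, an existing link-state routing protocol suited to mobile Ad Hoc networks, cannot defend against forgery, tampering, and DoS attacks by malicious nodes, this paper proposes SGSR, a secure routing protocol that resists malicious attacks by a single node in mobile Ad Hoc networks, gives a formal proof of the authentication protocol, and carries out simulation and performance analysis of the routing protocol.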

7.
We introduce an extended Key Compromise Impersonation (KCI) attack against two-party key establishment protocols, where an adversary has access to both long-term and ephemeral secrets of a victim. Such an attack poses serious threats to both key authentication and key confirmation properties of a key agreement protocol, and it seems practical because the adversary could obtain the victim's ephemeral secret in a number of methods; for example, by installing some Trojan horse into the victim's computer platform or by exploiting the imperfectness of the pseudo-random number generator in the platform. We demonstrate that the 3-pass HMQV protocol, which is secure against the standard KCI attack, is vulnerable to this new attack. Furthermore, we show a countermeasure to prevent such an attack.

8.
Password-authenticated group key exchange protocols allow that a group of participants who share a human-memorable (short) password can obtain a common session key in a secure way over public networks. In this paper, we design a compiler, which transforms any basic group key exchange protocol (which is only resistant against benign adversaries) into a password-authenticated group key exchange protocol. We prove that the new protocol outputted by the compiler is secure in the random-oracle and ideal-cipher models if the underlying group key exchange protocol is secure. Our compiler is practical since it only needs four more additional rounds of communications, which means that the new protocol still holds constant-round property if the original one is a constant-round scheme.

9.
In this paper, we investigate a model of a combinatorial, procurement multi-attribute auction, in which each sales item is defined by several attributes called quality, the buyer is the auctioneer (e.g., a government), and the sellers are the bidders. Furthermore, there exist multiple items and both buyer and sellers can have arbitrary (e.g., substitutable/complementary) preferences on a bundle of items. Our goal is to develop a protocol that is strategy-proof for sellers. We first present a Vickrey–Clarke–Groves (VCG)-type protocol. As in a standard combinatorial auction, a VCG-type protocol is not false-name-proof, i.e., it is vulnerable against manipulations using multiple identifiers. Next, we show that any strategy-proof protocol in this model can be represented as a framework called Price-Oriented Rationing-Free (PORF) protocol, in which for each bidder, for each bundle of items, and for each quality, the payment for the bidder is determined independently of his own declaration, and the bidder can obtain a bundle that maximizes his utility independently of the allocations of other bidders. We develop a false-name-proof protocol in this model.

10.
There have been many proposals in recent years for password-authenticated key exchange protocols, i.e., protocols in which two parties who share only a short secret password perform a key exchange authenticated with the password. However, the only ones that have been proven secured against offline dictionary attacks were based on Diffie–Hellman key exchange. We examine how to design a secure password-authenticated key exchange protocol based on RSA. In this paper, we first look at the OKE and protected-OKE protocols (both RSA-based) and show that they are insecure. Then we show how to modify the OKE protocol to obtain a password-authenticated key exchange protocol that can be proven secure (in the random oracle model). This protocol is very practical; in fact, it requires about the same amount of computation as the Diffie–Hellman-based protocols. Finally, we present an augmented protocol that is resilient to server compromise, meaning (informally) that an attacker who compromises a server would not be able to impersonate a client, at least not without running an offline dictionary attack against that client’s password.
