Found 20 similar documents; search time 31 ms
1.
Most conventional conference key agreement protocols have not been concerned with a practical situation. There may exist some
malicious conferees who attempt to block conference initiation for some purposes, e.g. commercial, political or military benefit.
In instances where a conference must be launched immediately due to an emergency, efficient detection of malicious behavior would
be needed. Recently, Tzeng (IEEE Trans. Comput. 51(4):373–379, 2002) proposed a fault-tolerant conference key agreement protocol
to address the issue where a conference key can be established among conferees even though malicious conferees exist. However,
his protocol might be complex and inefficient during fault-detection. In the case where a malicious conferee exists and a
fault-tolerant mechanism is launched, complicated interactions between conferees will be required. In this paper, we introduce
a novel strategy, where any malicious conferee may be identified and removed from the conferee list without any interaction.
With such a non-interactive fault-tolerance, conferences could be established and started efficiently. A complete example
of our protocol will be given to describe the fascinating fault-tolerance. We analyse the security of our protocol regarding
four aspects, i.e. correctness, fault-tolerance, active attack and passive attack. The comparisons of performance between
our protocol and that of Tzeng are also shown. As a whole, the advantage of our protocol is superior to that of Tzeng under
the situation where malicious conferees exist.
Chi-Sung Laih
2.
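An authenticated group key agreement protocol resistant to blocking attacks (total citations: 1, self-citations: 0, citations by others: 1)
An unauthenticated group key agreement protocol cannot authenticate the communicating participants or the messages; it must rely on an authenticated network channel or other authentication methods. This paper analyzes the well-known group key agreement protocol proposed by Burmester et al. over an authenticated broadcast channel and points out that it cannot resist a key-agreement blocking attack launched by malicious insider nodes; the attack prevents the other honest nodes in the group from correctly computing a consistent group key. An improved authenticated group key agreement protocol is proposed that adds a method for authenticating message correctness to the original protocol, can detect malicious nodes within the group, and is proven in the random oracle model to resist the key-agreement blocking attack.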
3.
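Conference systems based on mobile networks focus on the establishment, distribution and updating of shared keys; previous schemes cannot stop malicious or false messages from conference participants. A method based on probabilistic verification is proposed and applied to the design of mobile conferencing; it can effectively reduce the junk information produced while the scheme runs.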
4.
Sangho Lee Jong Kim 《Journal of Systems and Software》2009,82(7):1163-1167
A fault-tolerant conference-key agreement protocol establishes a shared key among participants of a conference even when some malicious participants disrupt key agreement processes. Recently, Tseng proposed a new fault-tolerant conference-key agreement protocol that only requires a constant message size and a small number of rounds. In this paper, we show that Tseng’s protocol cannot provide forward and backward confidentiality during a conference session for the proposed attack method. We also show that a simple countermeasure—re-randomizing short-term keys of some participants—to avoid the proposed attack can be broken by extending the proposed attack method.
5.
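An improved identity-based, fault-tolerant conference key distribution scheme is proposed. Analysis shows that the improved protocol, while inheriting the security properties of the original protocol, resists passive attacks and tampering attacks and provides forward security. Compared with similar protocols, its security is the highest and its communication volume is in the middle; it is therefore the most practical.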
6.
7.
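Using an identity-based, fault-tolerant conference key distribution scheme by Yang et al., an improved conference key distribution protocol algorithm is proposed, and the correctness and security of the protocol are analyzed. The analysis shows that the scheme not only lets honest participants agree on a common conference key even when malicious participants are present, but also effectively resists passive and active attacks; it is secure and efficient, and highly practical.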
8.
A new communication mode, quantum simultaneous secret distribution (QSSD) is put forward, where one sender distributes different classical secret message to multiparty receivers simultaneously. Based on the properties of the one-dimensional four-qubit cluster states, a three-party QSSD protocol is proposed, and then it is extended to the case that there are many receivers. Owing to the idea of quantum dense coding, each receiver can receive two bits of classical message by the sender only using a cluster state. In order to check security of quantum channels, a strategy which can prevent common attacks efficiently is put forward. QSSD is distinct from quantum secret sharing (QSS) and quantum broadcast communication (QBC), but it can be easily converted into QSS and QBC. QSSD is also different from the multiple-QKD communication mode where the sender shares a private key with each receiver at first, while in QSSD the sender doesn’t; in addition, only one round of one-to-many communication is performed in QSSD, while in multiple-QKD communication mode many rounds of one-to-one communication are performed.
9.
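An attack on discrete-logarithm-based multisignature schemes (total citations: 13, self-citations: 1, citations by others: 13)
As a special kind of digital signature, a multisignature is the signature of an entire group, formed after all members of the signing group cooperatively process a given message; a verifier needs only the group's single public key to check the validity of the signature. Harn, Ji, and others proposed two multisignature schemes based on discrete logarithms. However, Lu Langru et al. pointed out a shortcoming common to both schemes: if some members collude to cheat, the multisignature produced by the group can also be interpreted as a multisignature produced by the other, honest members. Thus, when necessary, the cheating members can deny that they are associated with certain multisignatures. To overcome this shortcoming, Lu Langru et al. proposed two improvements to the key generation part of the two multisignature schemes. This paper gives an attack showing that the improved multisignature schemes of Lu Langru et al. are still insecure. In this attack, a single member can control the group private key and can therefore forge, in the group's name, a multisignature on any message. Meanwhile, the other members can still produce signatures normally, so they do not notice the fraud. In addition, the attack proposed in this paper is also effective against the schemes before the improvement.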
10.
Kuo-Hsuan Huang Yu-Fang Chung Hsiu-Hui Lee Feipei Lai Tzer-Shyong Chen 《Computer Standards & Interfaces》2009,31(2):401-405
Secure communication is of utmost importance to participants of Internet conferences. Secure communication thwarts eavesdropping. In an Internet conference, all conference participants together establish a common conference key to enable multi-party and secure exchange of messages. However, malicious conference participants may try to obtain the conference key through unfair means, and this could result in the generation of different conference keys. This paper is intended as a proposal of a new form of conference key agreement protocol. It emphasizes the filtering of malicious participants at the beginning of the conference to ensure that all participants obtain the same conference key. The proposed method also has fault-tolerant capability. Efficiency and security of a protocol is important in practice. The security of the proposed protocol is based on discrete logarithm problem assumption. The protocol is executed in computationally secure environment. The secret information of a user cannot be determined from its corresponding public information and therefore ensures privacy. Since efficiency of a protocol depends on low computation cost, the protocol attempts to achieve lower computation cost without compromising on security.
11.
Security of robust generalized MQV key agreement protocol without using one-way hash functions (total citations: 1, self-citations: 0, citations by others: 1)
The MQV key agreement protocol has been adopted by IEEE P1363 Committee to become a standard, which uses a digital signature to sign the Diffie–Hellman public keys without using any one-way hash function. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two parties to establish multiple common secret keys in a single round of message exchange. However, the Harn–Lin protocol suffers from the known-key attack if all the secret keys established are adopted. Recently, Tseng proposed a new generalized MQV key agreement protocol without using one-way hash functions. Tseng claimed that the proposed protocol is robust since the new protocol can withstand the forgery attack and the known-key attack. In this paper we show that this protocol is not secure since the receiver can forge signatures. We also propose an improved authenticated multiple-key agreement protocol, which is secure against the forgery attack and the known-key attack.
12.
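In this paper, we first prove that the multi-bit multi-key fully homomorphic encryption (MFHE) scheme proposed by Li Zengpeng et al. satisfies the key-homomorphic property; using this property, the final decryption result can be obtained through threshold decryption. Using this scheme, we design a three-round multi-party computation (MPC) protocol that is secure in the CRS model and in the semi-malicious adversary model. The security of this secure multi-party computation protocol is based on two variants of the learning with errors (LWE) problem, Ferr-LWE and...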
13.
A key sharing graph is one in which each vertex corresponds to a player, and each edge corresponds to a secret key shared by the two players incident with the edge. Assume that, given a key sharing graph which contains a spanning tree, any designated player wishes to broadcast a message to all the other players securely against an eavesdropper. This can be easily done by flooding the message on the tree using the one-time pad scheme. However, the number of communication rounds in such a protocol is equal to the height of the tree. This paper provides another efficient protocol, which has exactly one communication round, i.e., we give a non-interactive protocol.
14.
Chiara Bodei Pierpaolo Degano Han Gao Linda Brodo 《Electronic Notes in Theoretical Computer Science》2007,194(1):3
A type flaw attack on a security protocol is an attack where an honest principal is cheated on interpreting a field in a message as the one with a type other than the intended one. In this paper, we shall present an extension of the LySa calculus with tags attached to each field, indicating the intended types. We developed a control flow analysis for analysing the extended LySa, which over-approximates all the possible behaviour of a protocol and hence is able to capture any type confusion that may happen during the protocol execution. The control flow analysis has been applied to a number of security protocols, either subject to type flaw attacks or not. The results show that it is able to capture type flaw attacks on those security protocols.
15.
16.
17.
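Zhang Xiaomin 《网络安全技术与应用》 (Network Security Technology and Application) 2012,(8):21-24
The main purpose of a cross-realm client-to-client password-authenticated key agreement protocol (C2C-PAKA) is to enable two clients that are located in different realms and hold different passwords to authenticate each other and agree on a common session key with the assistance of their respective servers. In this paper, based on the discrete logarithm problem on elliptic curves, we present a cross-realm password-authenticated key agreement protocol under a direct communication architecture. In this protocol, an honest server cannot obtain any value relating to the session key. The participants can authenticate one another. Compared with similar protocols, this protocol has lower communication and computation overhead and is easier to implement. In addition, the protocol resists common attack types such as dictionary attacks, password-compromise impersonation attacks and unknown key-share attacks, and also provides security properties such as forward secrecy, no key control and known session key security.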
18.
19.
20.
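An authenticable key distribution scheme based on elliptic curve digital signatures (total citations: 1, self-citations: 0, citations by others: 1)
This article proposes an authenticable key distribution scheme based on elliptic curve digital signatures and analyzes and discusses its security. On this basis, it proposes a conference key distribution scheme in which the conference chair generates the conference key and secretly transmits it to the conference participants, who can authenticate the conference key and its issuer.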