共查询到16条相似文献,搜索用时 125 毫秒
1.
2.
认证协议是网络环境中一类重要的安全协议,对协议进行形式化分析是保障其安全性的主要手段。文章以BAN逻辑为工具.分析了网络中常用的Kerbems认证协议。结果表明。Kerbems协议达到了预期的认证目标。 相似文献
3.
通过实例说明了BAN逻辑在公钥体制认证协议中的局限性,分析了该局限性产生的原因,引入了“公开”的逻辑概念,提出了一种扩展BAN逻辑,并通过实例验证了扩展BAN逻辑的有效性. 相似文献
4.
5.
6.
7.
8.
9.
10.
11.
3G认证和密钥分配协议的形式化分析及改进 总被引:4,自引:0,他引:4
介绍了第三代移动通信系统所采用的认证和密钥分配(AKA)协议,网络归属位置寄存器/访问位置寄存器(HLR/VLR)对用户UE(用户设备)的认证过程和用户UE对网络HLR/VLR的认证过程分别采用了两种不同的认证方式,前者采用基于"询问-应答"式的认证过程,后者采用基于"知识证明"式的认证过程.使用BAN形式化逻辑分析方法分别对这两种认证过程进行了分析,指出在假定HLR与VLR之间系统安全的前提下,基于"知识证明"式的认证过程仍然存在安全漏洞.3GPP采取基于顺序号的补充措施;同时,文中指出了另一种改进方案. 相似文献
12.
Based on combined public key (CPK), a novel universal authentication protocol which conforms extensible authentication protocol (EAP) specification in heterogeneous networks was presented, so called EAP-CPK. Subsequently, detailed authentication process and related delay analysis of EAP-CPK in the 3rd Generation Partnership Project wireless local area network (3GPP-WLAN) interworking network were also given. In this paper, parameters from client and server related with mutual authentication process are classified systematically, and detailed verification process by using BurrowsAbadiNeedham89 (BAN) logic analysis is proposed. Security analysis results show that the proposed protocol is secure, and it not only can prevent man-in-the-middle attack and replay attack, but also can make lower system cost. 相似文献
13.
The 3rd Generation Partnership Project (3GPP) defined a new architecture, called Home eNode B (HeNB). The 3GPP has also presented a protocol for communications between HeNB and core networks for mutual authentication. To reduce the authentication costs associated with communication, compu-tation and energy, this paper proposes a simple and low-cost re-authentication protocol that does not compromise the provided security services. The proposed protocol uses as the re-authentication parameter a Master Session Key (MSK) that has already been computed in the initial authentication, and does not require the full initial authentication to be repeated. Moreover, the proposed protocol does not modify the 3GPP infrastructure, and is easily applied to the HeNB system. Finally, the security of the proposed protocol is veri?ed by Automated Validation of Internet Security Protocols and Applications (AVISPA) and Burrows-Abadi-Needham (BAN) Logic; de-tailed evaluations of performance are also given. The analysis results illustrate that the proposed protocol can achieve at least 50% cost reduction in communication and 58% cost reduction in energy. The computational cost is also reduced by half compared with the initial authentication. 相似文献
14.
15.
Mohammad Javad Sadri Maryam Rajabzadeh Asaar 《International Journal of Communication Systems》2020,33(14)
Internet of Vehicles (IoV), as the next generation of transportation systems, tries to make highway and public transportation more secure than used to be. In this system, users use public channels for their communication so they can be the victims of passive or active attacks. Therefore, a secure authentication protocol is essential for IoV; consequently, many protocols are presented to provide secure authentication for IoV. In 2018, Yu et al proposed a secure authentication protocol for WSNs in vehicular communications and claimed that their protocol could satisfy all crucial security features of a secure authentication protocol. Unfortunately, we found that their protocol is susceptible to sensor capture attack, user traceability attack, user impersonation attack, and offline sink node's secret key guessing attack. In this paper, we propose a new authentication protocol for IoV which can solve the weaknesses of Yu et al's protocol. Our protocol not only provides anonymous user registration phase and revocation smart card phase but also uses the biometric template in place of the password. We use both Burrow‐Abadi‐Needham (BAN) logic and real‐or‐random (ROR) model to present the formal analysis of our protocol. Finally, we compare our protocol with other existing related protocols in terms of security features and computation overhead. The results prove that our protocol can provide more security features and it is usable for IoV system. 相似文献
16.
假冒和窃听攻击是无线通信面临的主要威胁。在个人通信系统中,为了对无线链路提供安全保护,必须对链路上所传送的数据/话音进行加密,而且在用户与服务网络之间必须进行相互认证。近年来,人们在不同的移动通信网络(如GSM,IS-41,CDPD,Wireless LAN等)中提出了许多安全协议。然而,这些协议在个人通信环境中应用时存在不同的弱点。本文基于个人通信系统的双钥保密与认证模型,设计了用户位置登记认证协议;并采用BAN认证逻辑对协议的安全性进行了形式化证明,也对协议的计算复杂性进行了定性分析。分析表明,所提出的协议与现有的协议相比具有许多新的安全特性。 相似文献