雷达与导航、声纳与对抗

0514059“机卡分离”数字电视机顶盒[刊,中]/吴国安//电视技术.—2005,(1).—45-47(L2)目前,信息产业部关于“机卡分离”政策出台了两套方案,一套被称作“大卡”方案,一套被称作“小卡”方案。根据现有的“机卡分离”技术,分析了两种方案在中国的发展趋势。参5     

小议"机卡分离"标准三方案

2003年信产部提出机卡分离产业政策后,相关标准化工作也随之启动。机卡分离的标准化也成为业内讨论的和关注热点。以大唐、国微为代表的一组企业力推PCMCIA方案,以清华为代表的力推USB方案,以上交大为代表的力推小卡方案。一时间沸沸扬扬,雾里看花。     

基于UTI接口的机卡分离系统

介绍了国内的3种机卡分离方案,并通过分析清华大学UTI标准的完善过程,总结机卡分离方案设计中存在的实际问题和解决方案.最后对未来的机卡分离技术进行了展望.     

机卡分离的背后

机卡分离,较正式的说法得从2002年11月全国音视频标委会成立数字电视C A机卡分离标准工作组开始。2003年5月,国家数字电视领导小组举行会议,将数字电视CA机卡分离确定为我国的产业政策。同年6月,信产部规划司、科技司、产品司联合召开国内相关产业参加的CA机卡分离工作会议,确立了我国机卡分离的四项基本原则,并将CA机卡分离标准组升级为信息产业部机卡分离标准工作组。两年多的时间,机卡分离三大方案从研发走到了应用。今年5月国际软博会的展示和8月广博会数字新媒体论坛的亮相,三大方案更是由幕后走到台前。相应地,机卡分离标准的问题…     

"机卡分离"加速小灵通市场洗牌中兴新品掀狂飙

9月30日,全国新售小灵通将全部切换为"机卡分离"模式,运营商此举意味着现在销售的“机卡一体”式小灵通将从此淡出市场,而“机卡分离”式小灵通将大行其道。在此之前,中兴手机应时而动,在8月底一口气推出了多达五款定位各异的“机卡分离”式小灵通,其中既有极具性价比的直板机V     

"两步走"方案拆解数字电视整体转换难题

有线电视数字化整体转换已成为我国数字电视产业推进的主旋律,要在整体转换后尽快实现收支平衡和盈利,必须使数字电视机顶盒具备低成本的升级能力,以保证运营商能在普遍服务基础上开发出更多、更高附加值的增值业务.数字太和倡导的"两步走"的机卡分离路线能在保护运营商已有投资基础上,通过增加T-USB芯片,预留未来低成本升级和机卡分离的通道,并为基于USB的增值应用开创广阔空间,为运营商推进整体转换、提高投资回报提供了有力武器.     

关于对"机卡分离"数字电视接收设备的考虑

“机卡分离”就是要使数字电视接收设备的共性部分继续存在,得到一个满足基本要求的“机”——数字电视接收设备原型;将个性的部分分离出来,得到一个可灵活应用的“卡”,它满足于绝大多数网络运行商的要求。本文系统介绍了“机卡分离”的概念、技术实现方案和国内外数字电视接收设备应用现状,并分析了其市场前景。     

议机顶盒的发展趋势兼及"一体机"电视机

对数字电视机顶盒的发展趋势作了简单分析,对机卡分离技术和一体机的前景表达了看法.同时对数字电视机顶盒的发展方向提出个人建议.     

条件接收系统（CAS）技术讲座：第十二讲 机卡分离的机顶盒方案

1 机卡分离方案 当前国内外厂商生产的数字电视机顶盒主要存在如下问题:功能单一,与CA捆绑太紧并且软件不统一,不能像一般消费品那样通过市场销售. 所谓机卡分离是相对于"机卡配对"而言,机卡配对是指机顶盒与智能卡必须各自一一对应才能够完成信号的授权接收;机卡分离则是指将数字电视终端中的通用部分(硬件)独立出来,做成"机",而把各地广电运营商的CAS(条件接收系统)和EPG(电子节目指南)、下载器、中间件、数据广播等诸多增值服务部分做成"卡",机顶盒可以是通用的,只需要有合法的智能卡与之配合就可以实现信号的授权接收.     

数字电视机卡分离标准实施带来的发展机遇

2006年4月3日,信产部公布了机卡分离标准,并从即日起开始实施,PCMCIA大卡接口方案公开为行业推荐标准,本文较详细地介绍了机卡分离标准之争以及机卡分离标准实施给有线电视运营商、数字电视一体机生产商、机顶盒生产商带来的发展机遇。     

A new three-factor authentication and key agreement protocol for multi-server environment

Several password and smart-card based two-factor security remote user authentication protocols for multi-server environment have been proposed for the last two decades. Due to tamper-resistant nature of smart cards, the security parameters are stored in it and it is also a secure place to perform authentication process. However, if the smart card is lost or stolen, it is possible to extract the information stored in smart card using power analysis attack. Hence, the two factor security protocols are at risk to various attacks such as password guessing attack, impersonation attack, replay attack and so on. Therefore, to enhance the level of security, researchers have focused on three-factor (Password, Smart Card, and Biometric) security authentication scheme for multi-server environment. In existing biometric based authentication protocols, keys are generated using fuzzy extractor in which keys cannot be renewed. This property of fuzzy extractor is undesirable for revocation of smart card and re-registration process when the smart card is lost or stolen. In addition, existing biometric based schemes involve public key cryptosystem for authentication process which leads to increased computation cost and communication cost. In this paper, we propose a new multi-server authentication protocol using smart card, hash function and fuzzy embedder based biometric. We use Burrows–Abadi–Needham logic to prove the correctness of the new scheme. The security features and efficiency of the proposed scheme is compared with recent schemes and comparison results show that this scheme provides strong security with a significant efficiency.

     

Robust smart‐card‐based remote user password authentication scheme

Smart‐card‐based remote user password authentication schemes are commonly used for providing authorized users a secure method for remotely accessing resources over insecure networks. In 2009, Xu et al. proposed a smart‐card‐based password authentication scheme. They claimed their scheme can withstand attacks when the information stored on the smart card is disclosed. Recently, Sood et al. and Song discovered that the smart‐card‐based password authentication scheme of Xu et al. is vulnerable to impersonation and internal attacks. They then proposed their respective improved schemes. However, we found that there are still flaws in their schemes: the scheme of Sood et al. does not achieve mutual authentication and the secret key in the login phase of Song's scheme is permanent and thus vulnerable to stolen‐smart‐card and off‐line guessing attacks. In this paper, we will propose an improved and efficient smart‐card‐based password authentication and key agreement scheme. According to our analysis, the proposed scheme not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen‐smart‐card attack. Copyright © 2012 John Wiley & Sons, Ltd.     

Security flaws in two improved remote user authentication schemes using smart cards

Understanding security failures of cryptographic protocols is the key to both patching existing protocols and designing future schemes. In this paper, we analyze two recent proposals in the area of password‐based remote user authentication using smart cards. First, we point out that the scheme of Chen et al. cannot achieve all the claimed security goals and report its following flaws: (i) it is vulnerable to offline password guessing attack under their nontamper resistance assumption of the smart cards; and (ii) it fails to provide forward secrecy. Then, we analyze an efficient dynamic ID‐based scheme without public‐key operations introduced by Wen and Li in 2012. This proposal attempts to overcome many of the well‐known security and efficiency shortcomings of previous schemes and supports more functionalities than its counterparts. Nevertheless, Wen–Li's protocol is vulnerable to offline password guessing attack and denial of service attack, and fails to provide forward secrecy and to preserve user anonymity. Furthermore, with the security analysis of these two schemes and our previous protocol design experience, we put forward three general principles that are vital for designing secure smart‐card‐based password authentication schemes: (i) public‐key techniques are indispensable to resist against offline password guessing attack and to preserve user anonymity under the nontamper resistance assumption of the smart card; (ii) there is an unavoidable trade‐off when fulfilling the goals of local password update and resistance to smart card loss attack; and (iii) at least two exponentiation (respectively elliptic curve point multiplication) operations conducted on the server side are necessary for achieving forward secrecy. The cryptanalysis results discourage any practical use of the two investigated schemes and are important for security engineers to make their choices correctly, whereas the proposed three principles are valuable to protocol designers for advancing more robust schemes. Copyright © 2012 John Wiley & Sons, Ltd.     

An Improve Three Factor Remote User Authentication Scheme Using Smart Card

In this digital era, two entities can exchange the messages over internet even through the physical distance between them is much far. Before exchange they require to authenticate each other via authentication scheme. Biometric is one of the unique feature for each entity and can be accustomed to identify the authenticity of the entity. Motivated by this, many researchers had proposed the various schemes based on biometric feature for authentication using smart card. As smart card is not a temper resistance consummately, various attacks have been identified by the researchers in the biometric based authentication schemes. In this paper we review Wen et al.’s scheme and we find that Wen et al.’s scheme is vulnerable to insider attack, denial of service attack and user anonymity cannot achieve by them. Then we propose new remote user authentication algorithm where our algorithm is secure.     

EMV96的潜在缺陷和改进意见

EMV96是Europay、MasterCard、Visa提出的目前具有代表性的IC卡交易规范.相当多的IC卡交易系统和规范都建立EMV96的基础之上.本文系统地分析了EMV96的交易协议中的安全机制,得出EMV96用以实现应用的一些重要安全性假设;进一步分析表明:EMV96的一些假设使得EMV96不能很好地满足交易的四个条件,在不改变交易流程的前提下,针对EMV96的潜在缺陷,提出相应的改进意见.     

网络融合下的鉴权技术研究

为提供整体鉴权管理机制以实现固网与移动网络的融合,在对现有通信网络及IMS的安全鉴权进行研究的基础上,提出以EAP-AKA协议加上SIM卡的鉴权机制和只使用SIM卡的用户识别功能两种方案,形成融合网络的整体鉴权。最后对融合网络的未来鉴权机制做了探讨。     

An authentication and key agreement protocol for satellite communications

In 2009 and 2011, Chen et al. and Lasc et al. proposed two separate authentication schemes for mobile satellite communication systems. Unfortunately, their schemes are unable to protect security in the event of smart card loss. In this paper, we propose a novel version that resists common malicious attacks and improves both the schemes of Chen et al. and Lasc et al. The security of our scheme is based on the discrete logarithm problem and one‐way hash function. A nonce mechanism is also applied to prevent replay attack. Furthermore, our scheme is more efficient than related schemes and thus more suitable for being implemented in satellite communication systems. Copyright © 2012 John Wiley & Sons, Ltd.     

Biometric-based Remote Mutual Authentication Scheme for Mobile Device

Remote user authentication schemes provide a system to verify the legitimacy of remote users’ authentication request over insecure communication channel. In the past years, many authentication schemes using password and smart card have been proposed. However, password might be guessed, leaked or forgotten and smart card might be shared, lost or stolen. In contrast, the biometrics which utilize biological characteristics, such as face, fingerprint or iris, have no such weakness. With the trend of mobile payment, more and more applications of mobile payment use biometrics to replace password and smart card. In this paper, we propose a biometric-based remote authentication scheme substituting biometric and mobile device bounded by user for password and smart card. This scheme is more convenient, suitable and securer than the schemes using smart cards on mobile payment environment.

     

Cryptanalysis and improvement of ‘a robust smart‐card‐based remote user password authentication scheme’

With the use of smart card in user authentication mechanisms, the concept of two‐factor authentication came into existence. This was a forward move towards more secure and reliable user authentication systems. It elevated the security level by requiring a user to possess something in addition to know something. In 2010, Sood et al. and Song independently examined a smart‐card‐based authentication scheme proposed by Xu et al. They showed that in the scheme of Xu et al., an internal user of the system can turn hostile to impersonate other users of the system. Both of them also proposed schemes to improve the scheme of Xu et al. Recently, Chen et al. identified some security problems in the improved schemes proposed by Sood et al. and Song. To fix these problems, Chen et al. presented another scheme, which they claimed to provide mutual authentication and withstand lost smart card attack. Undoubtedly, in their scheme, a user can also verify the legitimacy of server, but we find that the scheme fails to resist impersonation attacks and privileged insider attack. We also show that the scheme does not provide important features such as user anonymity, confidentiality to air messages, and revocation of lost/stolen smart card. Besides, the scheme defies the very purpose of two‐factor security. Furthermore, an attacker can guess a user's password from his or her lost/stolen smart card. To meet these challenges, we propose a user authentication method with user anonymity. We show through analysis and comparison that the proposed scheme exhibits enhanced efficiency in contrast to related schemes, including the scheme of Chen et al. Copyright © 2013 John Wiley & Sons, Ltd.     

基于智能卡的轻量级非平衡型口令认证方案

智能卡与口令相结合的身份认证方式既可保留使用强密钥优势,又具有使用方便的特点,是一种理想的安全双因子认证方式。当前许多公开的口令认证方案,要么需要较强的计算环境而难于采用智能卡快速实现,要么不能抵抗离线口令猜测攻击或服务端内部攻击而存在安全缺陷。提出一种非平衡型口令认证方案,基于智能卡和用户口令双因子设计,具有简便高效、口令安全、双向认证特点,能够抵御离线口令猜测攻击和服务端内部攻击,可用于满足设备开机时的安全认证需求。