20 similar documents found (search time: 0 ms)
1.
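The UAP protocol provides neither forward secrecy nor security against key compromise. This paper proposes a secure AKC protocol, abbreviated as the SAKC protocol, which provides both forward secrecy and security against key compromise and also executes efficiently.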
2.
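A key agreement protocol should keep the computational overhead of running the protocol as small as possible while still meeting its security requirements. This paper proposes an identity-based authenticated key agreement protocol, BAKAP (ID-Based Authenticated Key Agreement Protocol). The protocol provides known-key security, perfect forward secrecy, key-compromise security, unknown key-share security, and key-control security. In the protocol, a participant only needs to perform two elliptic curve point multiplications and one bilinear operation. Compared with existing protocols, its computational cost is low.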
3.
Wireless Personal Communications - The IP multimedia subsystem represents an architectural framework to support multimedia-based services using internet protocol over wired and wireless media....
4.
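To address the shortcomings of the Diffie-Hellman key exchange protocol and the ECDH key agreement protocol, an improved authenticated key agreement protocol is presented. The protocol offers security properties including equal contribution, no key control, key confirmation, perfect forward secrecy, and resistance to known-key attacks. Compared with earlier key agreement protocols, it is simpler to manage, has lower overhead, higher security and better scalability, and provides identity authentication. It achieves secure session key agreement and key verification between the two communicating parties at low computational cost and high efficiency, and is well suited to end-to-end key management in large-scale networks.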
5.
Authentication schemes are widely used mechanisms to thwart unauthorized access of resources over insecure networks. Several smart card based password authentication schemes have been proposed in the literature. In this paper, we demonstrate the security limitations of a recently proposed password based authentication scheme, and show that their scheme is still vulnerable to forgery and offline password guessing attacks and it is also unable to provide user anonymity, forward secrecy and mutual authentication. With the intention of fixing the weaknesses of that scheme, we present a secure authentication scheme. We show that the proposed scheme is invulnerable to various attacks together with attacks observed in the analyzed scheme through both rigorous formal and informal security analysis. Furthermore, the security analysis using the widely-accepted Real-Or-Random (ROR) model ensures that the proposed scheme provides the session key (SK) security. Finally, we carry out the performance evaluation of the proposed scheme and other related schemes, and the result favors that the proposed scheme provides better trade-off among security and performance as compared to other existing related schemes.
6.
Wireless Personal Communications - For providing strong mutual authentication in a multi-server environment many algorithms have been proposed. Most of the algorithms provide mutual authentication...
7.
A multi-server environment is an important application paradigm in the Internet of Things (IoT). It enables a user to access services from different vendors without having to go through multiple registrations. The privacy of one who desires to access these services is often crucial. In order to access this service in a manner that assures user privacy, a user needs to be anonymously authenticated independent of the vendors’ services. However, existing identity-based anonymous schemes are only suitable for the client-server domain. Moreover, these schemes provide conditional anonymity which presupposes that if an adversary discovers the user’s private key, the identity can easily be recovered and misused. To avoid this situation, a new unconditional anonymity identity-based user authenticated key agreement scheme for IoT multi-server environment is introduced in this paper. Our protocol applies a ring signature to allow users to anonymously authenticate themselves in the servers without revealing their identities. Hence, an adversary cannot recover the user’s identity even when the user’s private key is known. We further provide a security proof in the random oracle model. Compared with the existing protocols, our proposed scheme is well fitting for mobile phone applications and guarantees the privacy of users in IoT multi-server domain.
8.
Wireless Personal Communications - Internet of Things (IoT) is a revolution which has influenced the lifestyle of human. Wireless Body Area Networks (WBAN)s are IoT-based applications which have a...
9.
In mobile multi-server authentication, a client can access different servers over an insecure channel like Internet and wireless networks for numerous online applications. In the literature, several multi-server authentication schemes for mobile clients have been devised. However, most of them are insecure against ephemeral secret leakage (ESL) attack and other vulnerabilities. For mutual authentication and key agreement, mobile client and server used ephemeral secrets (random numbers) and leakage of these secrets may be possible in practice. Since these are generated by an external source that may be controlled by an adversary. Also they are generally pre-computed and stored in insecure devices. Thus, if the secrets are leaked then the session key would turn out to be known and the private keys of client and server may be compromised from the eavesdropped messages. This phenomenon is called ESL attack. To defeat the weaknesses, in this paper, we design an ESL attack-free identity-based mutual authentication and key agreement scheme for mobile multi-server environment. The proposed scheme is analyzed and proven to be provably secure in the random oracle model under the Computational Diffie–Hellman assumption.
10.
A body area network (BAN) is a wireless network of health monitoring sensors designed to deliver personalized healthcare. Securing intersensor communications within BANs is essential for preserving not only the privacy of health data, but also for ensuring safety of healthcare delivery. This paper presents physiological-signal-based key agreement (PSKA), a scheme for enabling secure intersensor communication within a BAN in a usable (plug-n-play, transparent) manner. PSKA allows neighboring nodes in a BAN to agree to a symmetric (shared) cryptographic key, in an authenticated manner, using physiological signals obtained from the subject. No initialization or predeployment is required; simply deploying sensors in a BAN is enough to make them communicate securely. Our analysis, prototyping, and comparison with the frequently used Diffie–Hellman key agreement protocol shows that PSKA is a viable intersensor key agreement protocol for BANs.
12.
Wireless Personal Communications - Today's hyper-connected digital environment makes two-way authentication and secured key agreement a fundamental requirement for a secure connection. The...
13.
1 Introduction. Wireless communication has been a hot issue since 1990, including ad hoc and wireless sensor networks, etc. Especially, Wireless Sensor Network (WSN), which has received considerable attention during the last decade [1-2]. It has been developed for a wide variety of applications, inc…
14.
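Harn and Lin recently proposed an authenticated multiple-key agreement protocol that uses no one-way function (the H-L scheme). Yen and Joye found security weaknesses in the H-L scheme and proposed an improved protocol (the Y-J scheme). Wu, He and Hsu then pointed out that the Y-J scheme still has security problems and is insecure. They went on to give a new scheme based on a one-way hash function (the W-H-H scheme), which strengthens the security of mutual authentication in the Y-J and H-L schemes but violates the original H-L principle of not using a one-way function. This paper presents a new improved protocol that does not use a one-way function and still guarantees the security of the protocol.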
15.
Wireless Personal Communications - Recently, biometric based authentication scheme gains popularity due to its high security, integrity, and authenticity properties. In the recent past, Qi et al....
17.
Communication network has grown to the stage where it becomes ubiquitous. It allows us to access on-line services at any time, anywhere and by any device. This brings out new services, such as e-commerce applications, that were previously only accessible via computers and are now available on mobile devices. These applications require mobile users to be authenticated in order to use the services. In this paper, we proposed a novel authenticated key agreement scheme that allows users and servers to mutually authenticate each other. Our scheme also conceals users’ identities from adversaries; this is provided in initiator untraceability property of the scheme. Furthermore, the scheme has good computation cost as well as communication and storage costs; thus, the proposed scheme is suitable for the mobile devices.
18.
In this paper, we present and analyze a variant of Burmester-Desmedt group key agreement protocol (BD) and enhance it to dynamic setting where a set of users can leave or join the group at any time during protocol execution with updated keys. In contrast to BD protocol, let us refer to our protocol as DB protocol. Although the DB protocol is similar to BD protocol, there are subtle differences between them: 1) Key computation in DB protocol is different and simpler than in BD protocol with same complexity of BD protocol; 2) Number of rounds required in our authenticated DB protocol is one less than that in authenticated BD protocol introduced by Katz-Yung; 3) DB protocol is more flexible than BD protocol in the sense that DB protocol is dynamic. The reusability of user's precomputed data in previous session enables the join and leave algorithms of our DB protocol to reduce most user's computation complexities which can be useful in real life applications; and 4) DB protocol has the ability to detect the presence of corrupted group members, although one can not detect who among the group members are behaving improperly.
19.
With the rapid progress of wireless mobile communications, the authenticated key agreement (AKA) protocol has attracted an increasing amount of attention. However, due to the limitations of bandwidth and storage of the mobile devices, most of the existing AKA protocols are not suitable for wireless mobile communications. Recently, Lo and others presented an efficient AKA protocol based on elliptic curve cryptography and included their protocol in 3GPP2 specifications. However, in this letter, we point out that Lo and others’ protocol is vulnerable to an offline password guessing attack. To resist the attack, we also propose an efficient countermeasure.
20.
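Group key agreement is a very important basic tool in group communication. Existing group key agreement mechanisms require all local group members to take part in the agreement, which severely limits the scalability and efficiency of group communication systems. To address this problem, the paper proposes a server-side group key agreement scheme. The scheme only requires key agreement among the group of servers to which the group members are connected, which reduces the group's storage and communication overhead. In addition, a one-way mapping mechanism designed in the client library converts the server group key into the group key. Compared with key agreement mechanisms based on the client library, it offers better scalability and key agreement efficiency.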