Similar literature
20 similar documents found; search took 109 ms
1.
Addressing the characteristics of large dynamic multicast groups, this paper proposes a scalable distributed key management protocol. In the protocol, all group members share a single group key used to secure their communication. The protocol supports the dynamic nature of multicast groups: members may join or leave freely. A security analysis of the protocol shows that it guarantees group key secrecy, forward access security and backward access security. The protocol's demands on computation and storage are low.

2.
Advances in key agreement protocols   Total citations: 3 (self-citations: 2, citations by others: 1)
Key agreement protocols allow two or more users to establish a shared key over a public network; they are the most basic cryptographic primitive and the foundation of public-key cryptography. This paper surveys research progress on key agreement protocols, including security models for key agreement, key agreement protocols in the traditional discrete-logarithm setting, the recently developed key agreement protocols based on bilinear pairings, and password-based key agreement protocols, and points out open problems in key agreement protocols and possible future directions.

3.
姚刚, 冯登国. 《软件学报》 2006, 17(4): 907-714
An important approach to achieving network security is for network users to transmit messages that are encrypted and authenticable. In that case, the keys used for encryption and authentication should be agreed upon by the users in the network. Three pairwise key agreement protocols based on the Weil pairing are proposed. In the protocols, all users share one piece of secret information, and key agreement and user authentication are achieved simultaneously in a small number of steps. The proposed protocols satisfy the following security properties: security against partial key leakage, perfect forward secrecy, security against personal key leakage, no unknown key-share, and no key control.

4.
Building on the BB84 protocol, this paper proposes a quantum key protocol for wireless networks. The protocol transmits information over a single looped quantum channel and designs a new encoding scheme, so that photon utilization reaches 100% and the key distribution efficiency is twice that of the BB84 quantum key distribution protocol or higher; in addition, the protocol does not require a classical channel, which is easy to attack, making it better suited to wireless networks. The protocol performs identity authentication with a pre-shared key, avoiding the weakness of an attacker skipping authentication and sending keys directly, and uses message digests to verify whether a message has been tampered with or eavesdropped on; because the message digest is encrypted one-time-pad style with the pre-shared key, an attacker cannot tamper with it, which ensures security.

5.
A security protection strategy for the master key in the Internet Key Exchange protocol   Total citations: 1 (self-citations: 0, citations by others: 1)
This paper discusses the important position of master key protection in key management, studies the working mechanisms of the IPSec and IKE protocols, analyzes the security risks in key storage when the IKE protocol uses pre-shared key authentication, and presents a scheme for securely protecting the master key.

6.
尹少平. 《微计算机信息》 2006, 22(24): 101-103
Diffie-Hellman key exchange is a cryptographic protocol that enables two communicating parties to establish a shared key over an untrusted channel and to use it in a subsequent symmetric-key communication system. The primitive root is a core parameter in implementing the Diffie-Hellman key exchange protocol and directly affects the security of the protocol. For large primes, determining a primitive root is a complex process; testing for a primitive root directly from the definition incurs too much computational overhead and degrades the performance of secure communication. This paper presents and proves an algorithm that quickly determines a primitive root, and gives the flow design and a Java implementation.

7.
The concept and protocol of quantum key relay are proposed. Using quantum entanglement or quantum teleportation, two non-adjacent terminal devices can share a quantum key (quantum key relay), ultimately enabling quantum key sharing between arbitrary terminals on the Internet with unconditional security.

8.
Addressing the flaw in MAKAP, a provably secure mutual authenticated key agreement protocol for mobile communications, namely that it cannot resist the unknown key-share attack, an improved protocol MAKAP+ is given, and its security is proved in the random oracle model. The improved protocol uses no encryption or decryption algorithm and has higher reliability. Performance analysis demonstrates the practicality of the protocol.

9.
Authenticated group key agreement protocols generate a shared session key for a group of users so that they can communicate securely over a public data network. This paper analyzes and proves that the key agreement protocol of Abdalla et al. cannot resist impersonation attacks: after obtaining a transcript of the group key exchange protocol run with a user, that user's left and right neighbors can impersonate the user and run the protocol with the other group members, generating a new shared session key without being detected by the other members. Improvements are then made to address the weaknesses of the protocol compiler.

10.
Rational secret sharing schemes introduce punishment strategies so that participants do not deviate from the protocol; the punishment usually adopted is to terminate the protocol as soon as a deviation is detected. This punishment strategy sometimes strictly harms the punisher's own interest, which weakens its deterrent effect on the punished party. To overcome this weakness, this paper analyzes rational secret sharing schemes using extensive games as the model. First, a (2,2)-threshold rational secret sharing scheme is given, and the protocol is proved to be a sequential equilibrium of the game, i.e., after any history, adhering to the original protocol remains the optimal choice for every participant. In particular, once a deviation is detected, the punishment strategy given by the protocol both effectively punishes the deviator and fully preserves the punisher's interest. This is an important improvement of this paper over previously designed rational secret sharing schemes. Then, general solutions are given for extending the protocol to the (t,n)-threshold case, taking the dealer offline, and achieving computational equilibrium, among related problems.

11.
Using a random deal of cards to players and a computationally unlimited eavesdropper, all players wish to share a one-bit secret key which is information-theoretically secure from the eavesdropper. This can be done by a protocol to make several pairs of players share one-bit secret keys so that all these pairs form a tree over players. In this paper we obtain a necessary and sufficient condition on the number of cards for the existence of such a protocol. Published online: 29 January 2002

12.
Authenticating tripartite key agreement protocol with pairings   Total citations: 2 (self-citations: 2, citations by others: 0)
In this paper, an authenticated tripartite key agreement protocol is proposed, which is an ID-based one with pairings. This protocol involves only one round. The authenticity of the protocol is assured by a special signature scheme, so that messages carrying the information of two ephemeral keys can be broadcast authentically by an entity. Consequently, one instance of the protocol results in eight session keys for three entities. In other words, one instance of the protocol generates a session key which is eight times longer than those obtained from traditional key agreement protocols. Security attributes of the protocol are presented, and the computational overhead and bandwidth of the broadcast messages are analyzed as well.

13.
沈为君, 赵一鸣, 翟耀, 钱毅. 《计算机工程》 2009, 35(10): 147-149
Addressing several security risks in the AIK key generation scheme used in trusted computing, this paper proposes an improved AIK key generation scheme, including a method for constructing the improved scheme from a non-malleable zero-knowledge protocol and an encryption scheme secure against adaptive chosen-ciphertext attack. The results show that the improved scheme is non-malleable zero-knowledge and, compared with the original scheme, offers higher security and resolves the existing risks.

14.
Lee et al. [4] proposed two new authenticated multiple key exchange protocols based on Elliptic Curve Cryptography (ECC) and bilinear pairings. In this paper, we show an impersonation attack on their pairing-based authenticated key exchange protocol. We demonstrate that any attacker can impersonate an entity to share multiple session keys with another entity of his/her choice by using only the public key of the victim. Moreover, their protocol fails to provide perfect forward secrecy, despite their claim to the contrary. Thus, we propose a simple modification to the original protocol which avoids our attack.

15.
张龙翔. 《计算机应用》 2012, 32(11): 3147-3152
Two-party authenticated key agreement is an important means of generating session keys. This paper analyzes a provably secure two-party authenticated key agreement protocol proposed by 赵建杰 et al. in 2011 and points out that the protocol is insecure if the adversary holds the long-term private key of the original protocol. An improved protocol is proposed: the new protocol protects the public parameters that affect security, avoiding leakage of the long-term private key, and its security and computational cost are discussed. The analysis shows that the new protocol achieves secure key agreement between the two parties while reducing the amount of computation.

16.
In 2008, Lee et al. proposed two multiple-key agreement protocols, the first based on elliptic curve cryptography (ECC) and the other based on bilinear pairings. Shortly after publication, Vo et al. showed that the Lee-Wu-Wang pairing-based protocol is vulnerable to an impersonation attack and then, to remove the problem, proposed an improved protocol. In this paper, we first show that the Lee-Wu-Wang ECC-based protocol is insecure against a forgery attack, and also that if the long-term private keys of two entities and one of the session keys are revealed, the other session keys are exposed too. Then, we demonstrate that the Vo-Lee-Yeun-Kim protocol is vulnerable to another kind of forgery attack and to a reflection attack.

17.
In this paper, we realize Shamir's no-key protocol via quantum computation of Boolean functions and a private quantum channel. The proposed quantum no-key protocol has three rounds and provides mutual data origin authentication. Random Boolean functions are used to create entanglement and guarantee that any adversary without keys cannot pass the authentication. Thus, our protocol can resist the man-in-the-middle attack. A security analysis has shown that the pieces of ciphertext of the three rounds are completely mixed states. This property ensures that no adversary can get any information about the sent message or the authentication keys. Therefore, our protocol is unconditionally secure and its authentication keys can be reused.

18.
张倩颖, 冯登国, 赵世军. 《软件学报》 2015, 26(9): 2396-2417
To enhance key interoperability between TCM chips, TCM provides key migration command interfaces that allow users to design key migration protocols for sharing keys between chips. Typically, a TCM key migration protocol uses the new parent key on the destination TCM as the migration protection key. This study finds two problems with that protocol: a symmetric key cannot serve as the new parent key of the migrated key, which violates TCM's original design intent; and the absence of mutual authentication between the two interacting TCMs allows an external adversary to obtain the migrated key of the source TCM and to migrate a key under its control into the destination TCM. To address these problems, two new key migration protocols are proposed: Protocol 1 follows TCM's current interface specification, uses the destination TCM's PEK (platform encryption key) as the migration protection key, can authenticate the destination TCM, and allows a symmetric key as the new parent key; Protocol 2 makes a small change to the TCM interface, has the source and destination TCMs perform SM2 key agreement and uses the resulting session key as the migration protection key, which solves both problems and additionally provides forward secrecy. Finally, formal analysis methods are applied to the security of the protocols; the results show that the protocols satisfy correctness and the expected security properties.

19.
The MQV key agreement protocol has been adopted by IEEE P1363 Committee to become a standard, which uses a digital signature to sign the Diffie–Hellman public keys without using any one-way hash function. Based on the MQV protocol, Harn and Lin proposed a generalized key agreement protocol to enable two parties to establish multiple common secret keys in a single round of message exchange. However, the Harn–Lin protocol suffers from the known-key attack if all the secret keys established are adopted. Recently, Tseng proposed a new generalized MQV key agreement protocol without using one-way hash functions. Tseng claimed that the proposed protocol is robust since the new protocol can withstand the forgery attack and the known-key attack. In this paper we show that this protocol is not secure since the receiver can forge signatures. We also propose an improved authenticated multiple-key agreement protocol, which is secure against the forgery attack and the known-key attack.

20.
Using AVL trees for fault-tolerant group key management   Total citations: 1 (self-citations: 0, citations by others: 1)
In this paper we describe an efficient algorithm for the management of group keys for group communication systems. Our algorithm is based on the notion of key graphs, previously used for managing keys in large Internet-protocol multicast groups. The standard protocol requires a centralized key server that has knowledge of the full key graph. Our protocol does not delegate this role to any one process. Rather, members enlist in a collaborative effort to create the group key graph. The key graph contains n keys, of which each member learns log2 n. We show how to balance the key graph, a result that is applicable to the centralized protocol. We also show how to optimize our distributed protocol, and provide a performance study of its capabilities. Published online: 26 October 2001


Copyright © 北京勤云科技发展有限公司  京ICP备09084417号