共查询到18条相似文献,搜索用时 140 毫秒
1.
2.
射频识别系统(RFID)由于运行在开放系统环境而存在诸多安全问题,针对各种安全隐患,在分析几种典型的安全协议的认证过程及优缺点的基础上,提出一种基于Hash的RFID安全协议的设计方法,该协议利用Hash函数的单向性及R、S参数的随机性,有效的实现了RFID系统的安全保护.该安全协议能有效的防止重放攻击、假冒攻击、窃听攻击和位置跟踪,具有前向安全,计算量低、成本低的特点,适合于大量射频标签的场合. 相似文献
3.
提出采用模型检验方法研究电子商务协议的非否认性与公平性问题,建立了认证电子邮件协议CMP1的有限状态机模型,并用SMV检验工具对其非否认性与公平性进行了分析检验,经过分析发现了CMP1协议不满足公平性并对其进行了相应修改.结果表明,利用符号模型检验方法分析检验电子商务协议的新特性是行之有效的. 相似文献
4.
提出了条件接收系统中智能卡和机顶盒安全通信的协议.协议使用了Schnorr身份方案实现机顶盒对智能卡的认证,并使用一个非对称密码系统实现智能卡对机顶盒的认证.协议最小化了智能卡的在线计算负担,同时保持与其它协议同样的安全水平.对协议的安全性和性能进行了分析.分析结果表明,协议对于恶意攻击是鲁棒的,并且非常适合于只有有限处理能力的智能卡.而且,协议为不同的条件接收系统使用同样的机顶盒提供了可能,因为在协议中机顶盒不需要事先存储任何条件接收系统的秘密私有数据. 相似文献
5.
目前,对水声网络协议干扰和攻击的研究大多采用单个节点的攻击方法。在此基础上,为提升攻击性能,研究了分布式协议攻击方法。通过OPNET仿真软件构建水声网络模型,采用不同的协议攻击方法对目标水声网络进行攻击仿真研究,包括单节点工作方式和多节点的分布式协议攻击。比较了不同的工作方式达到的干扰效果以及不同协议攻击方法的分布式攻击工作方式的干扰效果。结果表明,采用分布式协议攻击工作方式,在其他条件相同的情况下,目标网络吞吐量比单节点攻击工作方式多下降了5%以上,对水声网络的干扰效果更佳。 相似文献
6.
7.
8.
9.
介绍SSH(Secure Shell)网络安全协议的基本内容及层次结构,分析SSH协议由于自身缺陷容易受到的最典型的两种攻击,并对这两种攻击提出有针对性的防范措施,从而提高通过SSH协议进行远程登录的安全性。 相似文献
10.
11.
Tele-medical information system provides an efficient and convenient way to connect patients at home with medical personnel in clinical centers. In this system, service providers consider user authentication as a critical requirement. To address this crucial requirement, various types of validation and key agreement protocols have been employed. The main problem with the two-way authentication of patients and medical servers is not built with thorough and comprehensive analysis that makes the protocol design yet has flaws. This paper analyzes carefully all aspects of security requirements including the perfect forward secrecy in order to develop an efficient and robust lightweight authentication and key agreement protocol. The secureness of the proposed protocol undergoes an informal analysis, whose findings show that different security features are provided, including perfect forward secrecy and a resistance to DoS attacks. Furthermore, it is simulated and formally analyzed using Scyther tool. Simulation results indicate the protocol’s robustness, both in perfect forward security and against various attacks. In addition, the proposed protocol was compared with those of other related protocols in term of time complexity and communication cost. The time complexity of the proposed protocol only involves time of performing a hash function Th, i.e.,: O(12Th). Average time required for executing the authentication is 0.006 seconds; with number of bit exchange is 704, both values are the lowest among the other protocols. The results of the comparison point to a superior performance by the proposed protocol. 相似文献
12.
In the emerging Industrial Internet of Things (IIoT), authentication problems have become an urgent issue for massive resource-constrained devices because traditional costly security mechanisms are not suitable for them. The security protocol designed for resource-constrained systems should not only be secure but also efficient in terms of usage of energy, storage, and processing. Although recently many lightweight schemes have been proposed, to the best of our knowledge, they are unable to address the problem of privacy preservation with the resistance of Denial of Service (DoS) attacks in a practical way. In this paper, we propose a lightweight authentication protocol based on the Physically Unclonable Function (PUF) to overcome the limitations of existing schemes. The protocol provides an ingenious authentication and synchronization mechanism to solve the contradictions amount forward secrecy, DoS attacks, and resource-constrained. The performance analysis and comparison show that the proposed scheme can better improve the authentication security and efficiency for resource-constrained systems in IIoT. 相似文献
13.
In order to deploy a secure WLAN mesh network, authentication of both users and APs is needed, and a secure authentication mechanism should be employed. However, some additional configurations of trusted third party agencies are still needed on-site to deploy a secure authentication system. This paper proposes a new block chain-based authentication protocol for WLAN mesh security access, to reduce the deployment costs and resolve the issues of requiring key delivery and central server during IEEE 802.11X authentication. This method takes the user’s authentication request as a transaction, considers all the authentication records in the mesh network as the public ledger and realizes the effective monitoring of the malicious attack. Finally, this paper analyzes the security of the protocol in detail, and proves that the new method can solve the dependence of the authentication node on PKI and CA. 相似文献
14.
To secure web applications from Man-In-The-Middle (MITM) and phishing attacks is a challenging task nowadays. For this purpose, authentication protocol plays a vital role in web communication which securely transfers data from one party to another. This authentication works via OpenID, Kerberos, password authentication protocols, etc. However, there are still some limitations present in the reported security protocols. In this paper, the presented anticipated strategy secures both Web-based attacks by leveraging encoded emails and a novel password form pattern method. The proposed OpenID-based encrypted Email’s Authentication, Authorization, and Accounting (EAAA) protocol ensure security by relying on the email authenticity and a Special Secret Encrypted Alphanumeric String (SSEAS). This string is deployed on both the relying party and the email server, which is unique and trustworthy. The first authentication, OpenID Uniform Resource Locator (URL) identity, is performed on the identity provider side. A second authentication is carried out by the hidden Email’s server side and receives a third authentication link. This Email’s third SSEAS authentication link manages on the relying party (RP). Compared to existing cryptographic single sign-on protocols, the EAAA protocol ensures that an OpenID URL’s identity is secured from MITM and phishing attacks. This study manages two attacks such as MITM and phishing attacks and gives 339 ms response time which is higher than the already reported methods, such as Single Sign-On (SSO) and OpenID. The experimental sites were examined by 72 information technology (IT) specialists, who found that 88.89% of respondents successfully validated the user authorization provided to them via Email. The proposed EAAA protocol minimizes the higher-level risk of MITM and phishing attacks in an OpenID-based atmosphere. 相似文献
15.
Long-Term Evolution/Long-Term Evolution Advanced (LTE/LTE-A) is the latest mobile communication technology that is offering high data rates and robust performance to the subscribers. Since LTE/LTE-A standards are established on the Internet Protocol (IP) connectivity and provide compatibility with the heterogeneous networks, these new features create availability of the new security challenges in the LTE/LTE-A networks. Taking into consideration the issues of serious signalling congestion and security loopholes in LTE/LTE-A networks, the authors propose an Efficient Authentication and Key Agreement Protocol for Evolved Packet System (EAKA-EPS) with secure handover procedures. The proposed protocol achieves outstanding results in terms of the optimization of computation and signalling overhead. With this, the protocol guarantees the needed security requirements like protected wireless interface and strong mutual authentication between the entities, and ensures access stratum secrecy at the time of handovers. The formal verification results of the proposed scheme over the security verification and simulation tool “Automated Validation of Internet Security Protocols and Applications (AVISPA)” show that the suggested protocol is safe against various malicious attacks, which are still possible in LTE/LTE-A networks. To the best of the authors’ knowledge, the suggested approach is the first approach that provides perfect secrecy with less computation and communication overhead in the LTE/LTE-A networks. 相似文献
16.
Shadi Nashwan 《计算机、材料和连续体(英文)》2021,68(1):607-625
The healthcare internet of things (IoT) system has dramatically reshaped this important industry sector. This system employs the latest technology of IoT and wireless medical sensor networks to support the reliable connection of patients and healthcare providers. The goal is the remote monitoring of a patient’s physiological data by physicians. Moreover, this system can reduce the number and expenses of healthcare centers, make up for the shortage of healthcare centers in remote areas, enable consultation with expert physicians around the world, and increase the health awareness of communities. The major challenges that affect the rapid deployment and widespread acceptance of such a system are the weaknesses in the authentication process, which should maintain the privacy of patients, and the integrity of remote medical instructions. Current research results indicate the need of a flexible authentication scheme. This study proposes a scheme with enhanced security for healthcare IoT systems, called an end-to-end authentication scheme for healthcare IoT systems, that is, an E2EA. The proposed scheme supports security services such as a strong and flexible authentication process, simultaneous anonymity of the patient and physician, and perfect forward secrecy services. A security analysis based on formal and informal methods demonstrates that the proposed scheme can resist numerous security-related attacks. A comparison with related authentication schemes shows that the proposed scheme is efficient in terms of communication, computation, and storage, and therefore cannot only offer attractive security services but can reasonably be applied to healthcare IoT systems. 相似文献
17.
基于SET协议的一种身份认证新模型 总被引:3,自引:0,他引:3
SET是电子商务中最有生命力的一种标准 ,也提出了一种最为完善的身份认证模型 ,但极其复杂 ,计算量过大 .本文通过引入身份标识码和支付期有效码等概念 ,提出了一种身份认证新模型 ,减少了计算量 ,且确保了信息的安全性、完整性和不可抵赖性 相似文献
18.
Tariq Mahmood Butt Rabia Riaz Chinmay Chakraborty Sanam Shahla Rizvi Anand Paul 《计算机、材料和连续体(英文)》2021,68(2):1877-1891
Given the accelerating development of Internet of things (IoT), a secure and robust authentication mechanism is urgently required as a critical architectural component. The IoT has improved the quality of everyday life for numerous people in many ways. Owing to the predominantly wireless nature of the IoT, connected devices are more vulnerable to security threats compared to wired networks. User authentication is thus of utmost importance in terms of security on the IoT. Several authentication protocols have been proposed in recent years, but most prior schemes do not provide sufficient security for these wireless networks. To overcome the limitations of previous schemes, we propose an efficient and lightweight authentication scheme called the Cogent Biometric-Based Authentication Scheme (COBBAS). The proposed scheme is based on biometric data, and uses lightweight operations to enhance the efficiency of the network in terms of time, storage, and battery consumption. A formal security analysis of COBBAS using Burrows–Abadi–Needham logic proves that the proposed protocol provides secure mutual authentication. Formal security verification using the Automated Validation of Internet Security Protocols and Applications tool shows that the proposed protocol is safe against man-in-the-middle and replay attacks. Informal security analysis further shows that COBBAS protects wireless sensor networks against several security attacks such as password guessing, impersonation, stolen verifier attacks, denial-of-service attacks, and errors in biometric recognition. This protocol also provides user anonymity, confidentiality, integrity, and biometric recovery in acceptable time with reasonable computational cost. 相似文献