共查询到20条相似文献,搜索用时 109 毫秒
1.
一个高效的无线匿名认证和密钥协商协议 总被引:2,自引:0,他引:2
无线通信中,身份认证和密钥协商是一个重要的安全问题。文章首先指出文献[4]中构造的相关协议的安全漏洞和攻击方法;然后提出来一个半匿名基于XTR公钥体制的签密算法,基于该算法构造了一个高效的无线匿名认证和密钥协商协议;最后对该协议的安全性、计算量和通信量进行了评估。 相似文献
2.
云存储可以使用户在不扩大自身存储的情况下保存更多数据,而客户端去重技术的引入使用户在本地对重复数据进行有效删除,极大提高云存储利用率,节省通信开销.本文利用文献[10]中基于盲签名随机化收敛密钥的思想,提出了一个新的基于客户端密文去重方案.新方案中重复验证标签和拥有权证明可有效抵抗暴力字典攻击,并利用三方密钥协商方案的思想设计了灵活的加密密钥管理方案.实验结果表明新方案能够有效降低用户存储和计算开销. 相似文献
3.
4.
5.
6.
7.
8.
群密钥协商(GKA)协议在构建安全多播信道中扮演着主要角色。由于公钥管理的简洁性和高效性,基于身份的认证群密钥协商协议密码系统近年来成为热门研究方向。提出了一个基于Weil对和完全三叉树结构的群密钥协商协议,同时提出了成员加入和离开子协议。对新方案的安全性进行了分析,结果显示,新方案可以抵抗常见的攻击。在性能方面,新方案在参与者较多时有较明显的计算优势。 相似文献
9.
10.
密钥管理是信息安全中的一个重要领域,密钥协商是密钥管理中的一个重要方面。基于线性码理论给出了一个计算安全的有门限可认证的多重秘密密钥协商方案。该方案使得参与者可以协商秘密密钥,而不用基于离散对数假设。参与秘密密钥协商的参与者组成的集合必须满足门限要求才能进行秘密密钥协商;同时协商的秘密密钥具有多重性,即进行一次秘密协商,可产生出多个秘密密钥。该方案基于线性码理论,可以进行验证,具有认证功能,能够防止第三方攻击。 相似文献
11.
12.
RALPH ERSKINE 《Cryptologia》2013,37(1):52-54
Abstract In 2006, Shieh et al. proposed an efficient remote mutual authentication and key agreement scheme which uses smart cards and requires only hash function operations. In this paper, we show that Shieh et al.'s scheme is vulnerable to guessing attacks, forgery attacks and key compromise attacks. To eliminate these weaknesses, an improvement of Shieh et al.'s scheme with increased security is proposed. The security and efficiency of the improved scheme raises the attractiveness for implementation. 相似文献
13.
Recently, there has been a spurt of work [1], [2], [3], [4], [5], [6], [7] showing that a variety of extensively deployed P2P systems may be exploited to launch DDoS attacks on web and other Internet servers, external to the P2P system. In this paper, we dissect these attacks and categorize them based on the underlying cause for attack amplification. We show that the attacks stem from a violation of three key principles: (i) membership information must be validated before use; (ii) innocent participants must only propagate validated information; and (iii) the system must protect against multiple references to the victim. We systematically explore the effectiveness of an active probing approach to validating membership information in thwarting such DDoS attacks. The approach does not rely on centralized authorities for membership verification, and is applicable to both structured (DHT-based) and unstructured P2P systems. We believe these considerations are important to ensure the mechanisms can be integrated with a range of existing P2P deployments. We evaluate the techniques in the context of a widely deployed DHT-based file-sharing system, and a video broadcasting system with stringent performance requirements. Our results show the promise of the approach in limiting DDoS attacks while not sacrificing application performance. 相似文献
14.
The E-health care systems allow patients to gain the health monitoring facility and access medical services remotely. A secure mechanism for mutual authentication and session key agreement is the most important requirements for E-Health Care Systems. Recently, Amin et al.’s proposed a mutual authentication and session key agreement protocol and claimed that their scheme is secure against all possible attacks. In this paper, we show that not only their scheme is vulnerable to privileged-insider attack, replay attack, session key disclosure attack, but also does not provide patient untraceability and backward secrecy. In order to withstand the mentioned security weaknesses, we propose an efficient remote mutual authentication scheme for the systems which are using ECC and Fuzzy Extractor. The proposed scheme not only resists against different security attacks, but it also provides an efficient registration, login, mutual authentication, session key agreement, and password and biometric update phases. During the experimentation, it has been observed that the proposed scheme is secure against various known attacks. Beside, our scheme is robust against privileged-insider attack that it rarely checked in security analysis. The informal analysis will ensure that our scheme provides well security protection against the different security attacks. Furthermore, we analyzed the security of the scheme using AVISPA software and Random Oracle Model. The formal analysis results and performance evaluation vouch that our scheme is also secure and efficient in computation and communication cost. 相似文献
15.
16.
17.
本文基于[2]中的最优盲水印检测方案,从编码的角度显著改进了水印的稳健性。我们考察了使用不同编码方案嵌入的水印的抗攻击性能,得出了合适的编码方案会显著提高水印稳健性的结论,最后通过实验比较了使用不同编码方案嵌入时,经过几种常见的水印攻击后,水印图像的稳健性,证实了按01或10顺序交错的编码嵌入方案不但简便易行,而且在提高水印的综合抗攻击性能上表现最好。 相似文献
18.
基于无证书的两方认证密钥协商协议 总被引:1,自引:0,他引:1
两方认证密钥协商协议的设计主要基于传统公钥密码体制和基于身份的公钥密码体制.基于无证书的认证密钥协商方案避免了基于传统公钥证书方案存在的身份管理复杂性,同时也消除了基于身份方案中所固有的密钥托管问题.Park等人在2007年提出了选择身份安全模型下抗选择明文攻击(IND-sID-CPA)的无证书加密方案,在该方案的启发下提出了基于无证书体制的两方认证密钥协商方案,并与其他方案进行了安全性和有效性比较.该方案满足目前已知的绝大多数安全属性要求,特别是完美前向安全性,PKG前向安全性,已知会话相关临时秘密信息安全性以及无密钥托管等安全特性,同时保持了良好的计算效率. 相似文献
19.
移动自组网是一种无固定网络基础设施、能量和计算资源有限的分布式动态网络,由于其无线传输链路的开放性,使得它非常需要一种计算和通信开销较小的密钥协商方案.本文基于椭圆曲线上双线性配对的概念,提出了一种适用于移动自组网的可认证密钥协商方案,既实现了邻居节点组成员身份认证的匿名性,也实现了需建立会话的节点之间的可认证密钥协商.分析表明,我们所提出的方案计算和通信开销比较小,安全性较好,非常适合于资源有限的移动自组网. 相似文献