基于口令认证可证安全的RFID通信安全模型研究

针对RFID技术的安全与隐私保护问题及RFID标签资源的有限性问题,本文提出了一种基于口令认证可证安全的RFID通信安全协议--pRPAP.为求从根本上解决RFID技术的安全与隐私保护问题,本文提出为RFID系统建立通信安全模型.从形式化论证的角度出发,基于随机预言模型,使用形式化描述方式,系统地建立了RFID通信安全型.该模型包括RFID系统模型,RFID系统的攻击模型以及RFID通信安全协议的安全目标模型.并在该模型下,证明了pRPAP的安全性.证明结果显示本文提出的基于口令认证可证安全的RFID通信安全协议能够有效地解决RFID技术的安全问题.此外,本文所建立的RFID通信安全模型还有助于指导pRPAP协议各项参数的选择,以便建立适合不同安全等级要求的RFID通信安全协议.RFID通信安全模型的建立,也有助于对RFID通信安全协议进一步深入地研究.     

量子密钥分配协议的Petri网建模及安全性分析

量子密钥分配协议已经被证明具有无条件安全特性,但是证明过程比较复杂,不利于推广到其他量子密码协议的安全性分析和证明中.为了简化量子密码协议的安全性证明以及建立一种通用的证明方法,基于Petri网提出一种量子密钥分配协议的形式化分析方法,根据Biham的等效对称化攻击模型,将协议分为主体模型和攻击模型两部分,建立了BB84协议的Petn网模型,然后对模型进行安全性分析,分析结果表明, BB84协议是无条件安全的.该方法提高了安全性分析效率,形式上简洁统一,容易推广到其他量子密码协议的安全性分析中.     

基于口令的认证密钥协商协议的安全分析与改进

对基于口令的标准模型下可证明安全的认证密钥协商协议进行安全分析,指出该协议易受反射攻击.同时给出了一个改进方案,该方案不仅弥补了原方案的缺陷,而且改善了协议的性能.最后,基于DDH假设,在标准模型下证明了协议的安全性.结果表明,改进后的协议还具有完美前向安全特性.     

传感器网络中的节能参与度模型

为提出节能的传感器网络协议,本文研究了节点参与度模型.我们细化了无线传感器网络中的协议层次,将网络层分为邻域发现,动态参与度模型和路由协议.我们具体化了邻域发现协议,引入随机参数重构了参与度模型,给出了相应的网络启动方式并使用数学分析、模拟程序验证了此模型.     

RFID匿名认证协议的设计

在分析RFID协议安全需求的基础上,基于通用可组合安全模型,设计了一个低成本的RFID匿名认证协议,在标准模型下证明了RFID匿名认证协议的安全性.设计的协议提供匿名、双向认证和并发安全,并且协议的实现对于一般的RFID结构都是切实可行的.     

基于Opnet的航空电子SCI链路节点建模

依据SCI两个重要协议--带宽分配协议和队列分配协议,就航空电子SCI链路节点Opnet模型建立的功能模块进行了分析.给出了一个可供航空电子系统仿真分析实用的SCI链路节点模型,并就建立模型的关键问题进行了解析和讨论.     

通用可组合安全的门限签名协议

门限签名协议使得签名团体中任何t个参与者合作可以生成某个消息的有效签名;而少于t个参与者就无法得到该消息的合法签名.目前关于门限签名协议的安全性研究只是专注于单一协议执行时的安全性,针对这点,引入通用可组合框架.利用该框架的通用可组合性可以模块化地设计与分析门限签名协议.首先定义了门限签名协议在通用可组合框架下的安全模型,并证明其等价于门限签名协议标准概念下的安全模型,然后以前摄门限签名协议为例描述如何应用这个安全模型.提出的门限签名协议和前摄性门限签名协议不仅满足可证明安全性,还具有通用可组合安全性.     

一种B92协议量子电路设计与仿真

量子安全通信作为量子信息的重要分支之一,是量子力学在通信领域极为重要的应用.着重研究B92量子密钥分配协议的量子电路模型及其后续仿真,基于Qcircuit仿真软件设计出一种全新的B92量子密钥分配协议的量子电路模型,通过引入误码率(BER)和协议可靠率Υsec两个指标,仿真分析了在不同噪声信道模型下B92量子密钥分配协议的有效性和安全性.仿真结果表明,这种全新的电路设计实现了B92密钥分配协议的功能,并具有普遍意义,可运用于构造其他密钥分配协议的量子电路模型.     

基于串空间模型的改进型 Otway-Rees 协议分析

串空间模型是一种新兴的密码协议形式化分析工具,其理论中理想和诚实概念的提出大大减少了协议的证明步骤.本文在 Otway-Rees 协议缺陷的基础上对它进行改进,并利用串空间模型的理论对改进后的 Otway-Rees 协议进行了形式化的分析.新的 Otway-Rees 协议满足其安全目标,是安全可行的     

无线传感器网络中基于切换与保持节点选择的协同ARQ协议

提出了一种基于切换与保持节点选择的协同ARQ协议,该协议在确保无线传输可靠性的同时能获得较高的能量效率.建立了一种马尔科夫链模型,在此基础上分析了系统的吞吐量性能;基于无线传感器网络中一种广泛使用的能耗模型,以系统能效为指标分析比较了所提协议与传统ARQ协议的性能,并讨论了中继位置对系统能效的影响.基于Monte Carlo仿真,讨论了所提协议和传统ARQ协议的吞吐量和能效性能.数值和实际仿真结果证实了所给吞吐量模型的有效性;同时仿真比较表明所提协议能获得相比传统ARQ更优的吞吐量和能效性能.     

Design and evaluation of a real-time locating system for wireless sensor networks

Evaluating target-tracking protocols for wireless sensor networks that can localise multiple mobile assets can be a very challenging task. Such protocols usually aim at the minimisation of communication overhead, data processing for the participating nodes and delivering adequate tracking information of the mobile assets in a timely manner. Simulations on such protocols are performed using theoretical models that are based on unrealistic assumptions like the unit disc graph communication model, ideal network localisation and perfect distance estimations. With these assumptions taken for granted, theoretical models claim various performance milestones that cannot be achieved in realistic conditions. In this paper, we design a new localisation protocol, where mobile assets can be tracked passively via software agents. Moreover, we address and mitigate issues that hinder performance over the wireless medium and provide a fully deployable protocol. The design, implementation and experimentation of this new protocol along with further optimisations were performed using the WISEBED framework. We apply our protocol in a real indoor wireless sensor testbed with multiple experimental scenarios to showcase scalability and trade-offs between network properties and configurable protocol parameters. By analysis of the real-world experimental output, we present results that depict a more realistic view of the target tracking problem, regarding power consumption and the quality of tracking information. Finally, we also conduct some much focused simulations to assess the scalability of our protocol in very large networks and multiple mobile assets.     

Ring stability of the PROFIBUS token-passing protocol overerror-prone links

The PROFIBUS is a well-known and widely used fieldbus. On the medium access control layer, it employs a token-passing protocol where all active stations form a logical ring on top of a broadcast medium. This protocol is designed to deliver real-time data transmission services in harsh industrial environments. A necessary prerequisite for timeliness and quality of service is the ring membership stability of the logical ring in the presence of transmission errors, since only ring members are allowed to transmit data. In this paper, the ring membership stability under high error rates and using different error models is analyzed. The choice of the error behavior is in turn inspired by properties of possible future transmission technologies, e.g., wireless LANs. It is shown that the protocol has serious stability problems. To attack these problems, two changes to the protocol and its parameters are proposed, which can be implemented in a purely local manner. We show that they significantly improve ring stability     

CADP与PIM-SM协议分析

由于PIM-SM协议标准化进程还处在实验阶段,协议本身需要不断发展完善。提出PIM-SM组播系统的抽象模型,给出了协议实体的部分形式化描述,并使用CADP工具集对其进行简单验证。     

一种基于DDS协议的分布式仿真网络设计

民用飞机在复杂系统集成过程中仿真模型来源众多,没有统一的数据接口和通信协议,造成在使用前需要做大量的适配工作。为解决这一问题,文中提出了一种基于DDS协议的分布式仿真网络,物理层使用以太网作为传输介质,并采用IEEE1588协议构建全网时钟同步,实现了一个通用的仿真模型运行环境。在应用过程中面向参数而无需关心底层通信协议,降低了仿真模型在系统集成过程中的使用难度。     

Kerberos协议的形式化分析

认证协议是网络环境中一类重要的安全协议，对协议进行形式化分析是保障其安全性的主要手段。文章以BAN逻辑为工具．分析了网络中常用的Kerbems认证协议。结果表明。Kerbems协议达到了预期的认证目标。     

基于UML的面向对象通信协议建模技术研究

协议描述是协议开发进程和协议工程中非常重要的一步。提出使用UML来对协议的行为、结构和体系建模,包括了协议的静态和动态2个方面,并以一个简单的通信协议和服务作为实例来说明将UML用于协议描述的技术。     

Improvement of integrated services on CDMA wireless LANs using thehandshake-ALOHA protocol

The author proposes a frame-based, handshake-ALOHA protocol suitable for CDMA wireless LANs. Performance evaluation using a continuous-time Markov chain and Poisson error models shows that both the data and voice throughput are significantly improved, compared to the pure ALOHA protocol     

The IMPORTANT framework for analyzing the Impact of Mobility on Performance Of RouTing protocols for Adhoc NeTworks

A Mobile Ad hoc Network (MANET) is a collection of wireless mobile nodes forming a temporary network without using any existing infrastructure. Since not many MANETs are currently deployed, research in this area is mostly simulation based. Random Waypoint is the commonly used mobility model in these simulations. Random Waypoint is a simple model that may be applicable to some scenarios. However, we believe that it is not sufficient to capture some important mobility characteristics of scenarios in which MANETs may be deployed. Our framework aims to evaluate the impact of different mobility models on the performance of MANET routing protocols. We propose various protocol independent metrics to capture interesting mobility characteristics, including spatial and temporal dependence and geographic restrictions. In addition, a rich set of parameterized mobility models is introduced including Random Waypoint, Group Mobility, Freeway and Manhattan models. Based on these models several ‘test-suite’ scenarios are chosen carefully to span the metric space. We demonstrate the utility of our test-suite by evaluating various MANET routing protocols, including DSR, AODV and DSDV. Our results show that the protocol performance may vary drastically across mobility models and performance rankings of protocols may vary with the mobility models used. This effect can be explained by the interaction of the mobility characteristics with the connectivity graph properties. Finally, we attempt to decompose the reactive routing protocols into mechanistic “building blocks” to gain a deeper insight into the performance variations across protocols in the face of mobility.     

基于广义串空间模型构造攻击的缺陷及改进

该文设计一个类似于Millen曾经构造的ffgg协议ffgg协议,它们有共同的密码学性质。使用基于广义串空间模型的构造攻击对该协议进行分析,结果表明协议在非类型缺陷攻击下是安全的,这与Millen用Pulson的归纳法分析ffgg协议有相同的结果,并指出该方法是有缺陷的。针对这个缺陷,给出改进的措施,改进的构造攻击能发现ffgg协议中的类型缺陷攻击。