认证密钥交换协议模型

认证密钥交换协议让两方或者多方在不安全的信道上协商一个会话密钥,而用这个临时会话密钥确保一个安全的通信信道.本文详细介绍了BCK模块化思想.通过该思想,安全协议的设计与分析变得更加简单.     

基于二次剩余的多服务器环境下的身份认证协议

多服务器环境下的身份认证协议实现了用户只需要一次注册即可跟多个服务器实现交互认证,基于二次剩余构造了一个注册中心在线的多服务器环境下身份认证协议。该协议中,注册中心参与实现对用户的认证并协助用户和服务器建立后继通信的会话密钥,并且服务器之间是可以相互区分的。协议能够抵抗字典攻击、口令泄露模仿攻击常见攻击,同时能够实现相互认证,以及前向安全、已知会话密钥安全和无密钥控制等会话密钥的安全属性。     

基于RSA的网关口令认证密钥交换协议

网关口令认证密钥交换协议是一个三方协议,使得用户和网关在服务器的协助下建立起一个安全的会话密钥,从而实现用户和网关之间的安全通信.已有的网关口令认证密钥交换协议都是基于Diffie-Hellman密钥交换设计的.利用张木想所设计的PEKEP协议,提出了基于RSA体制的可证明安全的网关口令认证密钥交换协议.在随机预言模型...     

具有可扩展性的无线Mesh网络接入方法

分析了无线Mesh网络的特点和安全机制,给出了无线Mesh客户端的接入过程,通过面向方面编程AOP、依赖注入DI和软插件技术实现接入系统的认证协议、密钥协商协议和物理网络适配能力的可扩展性。设计了双向身份认证协议和会话密钥协商协议,能够抵抗反射攻击并保证会话的前向保密性。     

基于证书的无线认证协议的设计与分析

文章提出了一个基于数字证书的无线认证协议,实现了通信双方的相互认证,建立了一个经过双方确认的公正的会话密钥。通过BAN逻辑及各种可能的攻击分析,证明协议是安全的。     

改进的三方口令认证密钥交换协议

基于三方的口令认证密钥交换（3PAKE）协议是客户通过与可信服务器共享一个口令验证元,在两客户进行通信时通过此可信服务器进行会话密钥的建立与共享,从而进行通信。首先对李文敏等人提出的协议进行安全性分析,发现该协议易受离线字典攻击和服务器泄露攻击。提出了一个改进协议,该协议能够提供双向认证、会话密钥机密性和前向安全性,能够有效抵抗多种攻击,包括离线字典攻击和服务器泄露攻击。     

基于无证书密码学的可认证三方密钥协商协议

为了使密钥协商协议能够抵抗主动攻击,提出了一个可认证的无证书三方密钥协商协议。首先分析现有密钥协商协议的特点,然后以无证书密码学理论为基础设计一个安全的三方密钥协商协议。该协议只需要一轮消息交换就可以建立起安全的三方会话密钥,有效地克服了密钥托管问题,提供完善的前向安全性。通过性能分析表明,该协议具有较高的安全性和运行效率。     

WSN中基于ECC的轻量级认证密钥协商协议

为解决无线传感器网络密钥管理与认证协议设计中由于节点频繁移动所带来的计算量、存储量等资源消耗过大问题,提出了一种基于ECC的轻量级认证密钥协商协议。该协议主要用于网络中任意用户节点之间,以及用户节点与网络之间的双向认证和会话密钥的协商。方案采用ECC进行会话密钥协商,结合AES对称密钥加密技术保证信息传输过程的保密性。与传统的密钥协商协议相比,能够在更小的密钥量下提供更大的安全性,并减少了对节点计算量和存储量的需求。该协议在ID-BJM安全模型下证明了其安全性。分析结果表明,该协议满足前后向安全性和PKG前向安全性。     

基于自验证公钥的跨域口令认证密钥协商协议

结合自验证公钥密码学和口令构造了一个用户可以直接通信的跨域口令认证密钥协商协议。域服务器通过口令认证实现对域内用户的认证, 并与对方域服务器一起协助用户完成认证和密钥协商。该过程中, 域服务器不能获取关于会话密钥的任何信息, 且各参与方之间能够实现相互认证。与同类协议相比, 该协议需要较小的计算和通信代价, 并能抵抗字典攻击和未知会话密钥共享攻击。     

公平认证密钥交换协议的安全模型与模块化设计

传统的密钥交换协议通常假定合法通信双方都是可信的,然而很多现实应用都要求通信双方在互不信任的环境中执行认证密钥交换协议,为此本文提出了公平认证密钥交换(FAKE)的思想:除了具有一般认证密钥交换协议的基本特点外,通过客户在协议会话中预先植入"会话证据",使得在不揭示会话证据的前提下,合法通信双方均可以否认会话的发生;一旦客户方揭示会话证据,则协议会话记录就会与通信双方的身份绑定.该思想为解决网络服务中保护个人隐私与处理网络服务纠纷的矛盾提供了一种切实可行的技术解决思路.文中系统规划了公平认证密钥交换协议的形式化安全模型,纠正了Kudla关于并发签名公平性安全模型存在的错误之处,利用并发签名具体构造了一个公平认证密钥交换协议,并在随机预言模型(ROM)中证明了该协议满足mBJM-AK安全性、条件可否认性以及公平性.     

一种密钥管理协议的设计和实现

本文在分析目前密码管理协议的基础上，针对DSPS系统的需求和特点设计并实现一种密钥管理协议，目前普遍的密钥交换算法，采用时间戳或随机数来确认产生的会话密钥的新鲜性，本文引入了新的密钥产生函数KHF，保证通信双方只有同步交换信息时，才能得到正确的会话密钥。     

可证明安全的基于身份的认证密钥协商协议

提出了一种具有私钥产生中心(private key generator,PKG)前向安全性的基于身份的认证密钥协商协议,协议中给出了一种利用用户双方的长期私钥和临时私钥联合计算共享密钥的方法.在标准模型下证明了协议的安全性,并且分析得出,即使攻击者能够同时获得双方的临时私钥或同时获得双方的长期私钥,共享密钥仍然是安全的.性能分析表明,该协议较好地平衡了计算复杂度和安全性这两个协议评价指标.     

Composition of password-based protocols

Formal and symbolic techniques are extremely useful for modelling and analysing security protocols. They have helped to improve our understanding of such protocols, allowed us to discover flaws, and they also provide support for protocol design. However, such analyses usually consider that the protocol is executed in isolation or assume a bounded number of protocol sessions. Hence, no security guarantee is provided when the protocol is executed in a more complex environment. In this paper, we study whether password protocols can be safely composed, even when a same password is reused. More precisely, we present a transformation which maps a password protocol that is secure for a single protocol session (a decidable problem) to a protocol that is secure for an unbounded number of sessions. Our result provides an effective strategy to design secure password protocols: (i) design a protocol intended to be secure for one protocol session; (ii) apply our transformation and obtain a protocol which is secure for an unbounded number of sessions. Our technique also applies to compose different password protocols allowing us to obtain both inter-protocol and inter-session composition.     

Event-based run-time adaptation in communication-centric systems

Communication-centric systems are software systems built as assemblies of distributed artifacts that interact following predefined communication protocols. Session-based concurrency is a type-based approach to ensure the conformance of communication-centric systems to such protocols. This paper presents a model of session-based concurrency with mechanisms for run-time adaptation. Our model allows us to specify communication-centric systems whose session behavior can be dynamically updated at run-time. We improve on previous work by proposing an event-based approach: adaptation requests, issued by the system itself or by its context, are assimilated to events which may trigger adaptation routines. These routines exploit type-directed checks to enable the reconfiguration of processes with active protocols. We equip our model with a type system that ensures communication safety and consistency properties: while safety guarantees absence of run-time communication errors, consistency ensures that update actions do not disrupt already established session protocols. We provide soundness results for binary and multiparty protocols.     

Portable wireless-networking protocol evaluation

Multi-hop wireless networks, such as sensor-, ad hoc- and mesh-nets, can be differentiated in terms of participating devices and usage scenarios. However they share strong characteristics and requirements, such as node cooperation to enable multi-hop forwarding and dynamic routing protocols to deliver packets. As a result of these similarities, protocols designed for all these wireless networks revolve around a common core of functionality, for example coping with link and node dynamics. They differ only in additional network-specific functionality, such as tree routing structures in sensornets, and parameterization, for example buffer sizes.This convergence of functionality and design goals, as well as the sheer number of proposed protocols in each network class, motivates the idea of applying protocols to more than just their one original class. However, network-layer protocols are usually developed for and tested in only one class of wireless network due to the lack of a platform that allows testing of protocols across different classes of networks. As a result, we unnecessarily constrain the range of settings and scenarios in which we test network protocols.In this article, we propose a platform for protocol testing and evaluation in multiple, heterogeneous networks and discuss the requirements and challenges of such a solution. As a first step and case study, we present the detailed architecture of TinyWifi, a platform for executing native sensornet protocols on Linux-driven wireless devices as found in wireless mesh and mobile ad-hoc networks (MANETs). TinyWifi builds on nesC code base that abstracts from TinyOS and enables the execution of nesC-based protocols in Linux. Using this abstraction, we expand the applicability and means of protocol execution from one class of wireless network to another without re-implementation. We demonstrate the generality of TinyWifi by evaluating four well-established protocols on IEEE 802.11 and 802.15.4 based testbeds using a single implementation. Based on the experience of building TinyWifi and the presented evaluation, we deduce the feasibility of a cross-network evaluation platform and sketch the requirements for inclusion of further network classes.     

Third party application control on quality of service in IP based multimedia networks

The paper investigates the capabilities for open access to resource management in convergent networks. Based on the analysis of policy and charging control functions in Internet Protocol Multimedia Subsystem (IMS), requirements for third party application control on quality of service (QoS) are identified. The functionality of Open Service Access (OSA) and Parlay X interfaces is evaluated for support of dynamic QoS control. An approach to design of OSA compliant application programming interfaces to QoS management in IMS networks is presented. The interface methods are mapped onto the messages of network control protocols such as Diameter and Session Initiation Protocol (SIP). The application view of authorized QoS resources for SIP session is modeled. Implementation issues concerning behavioral equivalence of the authorized QoS resources model and SIP session state model are discussed.     

一个简单网络协议设计与测试平台的设计与实现

文章给出了一个面向Ｉｎｔｅｒｎｅｔ的简单网络协议设计与测试平台（ ＳＮＰＤＴＰ－Ｓｉｍｐｌｅ Ｎｅｔｗｏｒｋ Ｐｒｏｔｏｃｏｌ Ｄｅｓｉｇｎ ａｎｄＴｅｓｔ Ｐｌａｔｆｏｒｍ）的设计与实现方案,该ＳＮＰＤＴＰ方案是基于Ｌｉｎｕｘ和ＷＩＮ３２的软件实现,可以用于设计和测试从网络层到应用层的各种网络协议,包括路由,传送（面向流或者数据包）,会话,多媒体传送等各方面的协议,主要应用于多址广播,多媒体数据传送协议的设计与测试分析,其特点是适应性广,廉价,简单,可配置性及可扩展性强。在ＳＮＰＤＴＰ中设计了独立于Ｌｉｎｕｘ内核之外的ＩＰ转发机制来实现路由,数据的发送及接收端则在ＷＩＮ３２或Ｌｉｎｕｘ上实现,路由的个数,收发端的个数以及网络的拓扑结构可以根据实际需要任意配置。在ＳＮＰＤＴＰ中使用 Ｃ－Ｓｃｒｉｐｔ来描述和分析网络协议,具有灵活,方便的特点,同时ＳＮＰＤＴＰ也提供ＡＰＩ供功能扩充及二次开发之用。     

Formal analysis and design of multi-party fair exchange protocols

1 Background The essence of electronic protocols is exchanging message items. In miscellaneous applications, especially in E-commerce, an electronic message item has its value. Fairness is one of the important properties of these practical protocols. Rece…     

应用层组播用户的自私性研究

应用层组播(application-layer multicast,简称ALM)是网络层组播的重要补充.但与网络层组播不同的是,应用层组播结构的组成节点是具有独立利益和决策的主机用户.自私的主机用户为了提高自身利益,可能不严格遵守应用层组播协议的规定,从而对组播会话的整体性能带来影响.为了设计可信任的、鲁棒的应用层组播协议,对应用层组播的用户自私性进行研究是必要的.综述了这一领域的研究进展,并按照应用层组播协议的工作阶段把这些研究分为3类,即控制结构维护阶段的自私性研究、节点信息收集阶段的自私性研究以及数