车载自组网中可证明安全的无证书认证方案

认证协议的设计是目前车载自组网(VANET)安全领域的研究热点。现有的认证方案中普遍存在密钥托管带来的安全问题,以及使用计算量大的双线性对导致认证效率很低。针对以上问题,该文提出可证明安全的无证书批认证方案,方案中车辆的密钥由车辆自身和一个密钥生成中心共同生成,解决密钥需要托管给第三方维护的问题;方案的签名构造不使用计算量大的对运算,减少了计算开销;引入批认证来减少路边设施的认证负担,提高认证效率。基于求解椭圆曲线上的离散对数问题的困难性假设,在随机预言机模型中证明了该方案可以抵抗自适应选择消息和身份攻击,从而抵抗更改攻击和假冒攻击,并具有匿名性、可追踪性等特点。与现有方案相比,该方案实现了更高效的认证。     

远程用户基于ECDLP的快速认证密钥协商方案

针对无线通信中用户进行身份认证与密钥协商存在的安全性与计算量之间的制约关系问题,提出一种基于椭圆曲线离散对数难题(Elliptic Curve Discrete Logarithm Problem,ECDLP)的用户快速认证密钥协商协议。该协议通过对用户注册与认证密钥协商阶段的安全性与计算量进行综合分析,基于ECDLP难题为用户在注册阶段分配唯一身份标识符,通过增加用户注册阶段服务器的计算量,有效降低认证密钥协商阶段的计算量,在保证通信机密性、认证性与完整性的条件下,提高用户进行认证密钥协商的效率。安全性分析与计算量对比的结果表明,与其他同类协议相比,本文所提出的协议能在满足安全需求的前提下,有效地降低认证密钥协商协议的总体计算量。      

一种新的三方认证密钥协商协议

目前大部分基于身份的三方认证密钥协商协议都存在安全缺陷,文中在Xu等人提出的加密方案的基础上,设计了一种基于身份的三方认证密钥协商协议.该协议的安全性建立在BDDH假设基础上,经安全性分析,协议具有已知密钥安全,PKG前向安全,并能抵抗未知密钥共享攻击和密钥泄露伪装攻击,因此该协议是一个安全的三方密钥协商协议.     

一种故障容忍的可证安全组密钥协商协议

 对Burmester等人提出的非认证组密钥协商协议的安全性进行了深入分析,指出该协议不能抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.提出了一种故障容忍的组密钥协商(FT-GKA)协议,FT-GKA协议在密钥协商过程中加入了消息正确性的认证机制,该机制利用数字签名技术检测组内恶意节点,并在驱逐恶意节点后保证组内诚实节点能计算出正确的会话密钥,解决了Burmester等人提出协议中存在的内部恶意节点攻击问题.并证明提出的协议在DDH假设下能抵抗敌手的被动攻击,在DL假设和随机预言模型下能够抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.理论分析与实验测试表明,提出的协议具有较高的通信轮效率和较低的计算开销.     

WSNs中基于秘密共享的身份认证协议

身份认证是无线传感器网络安全的第一道屏障。针对现有无线传感器网络中的身份认证协议的效率和安全问题,基于Shamir门限秘密共享方案提出一种低功耗的身份认证协议。在不降低网络安全性的前提下,通过多个已认证节点对新节点进行身份认证,能够有效的降低认证过程中的计算量。认证过程中使用单向散列函数对通信数据进行加密并且运用时间戳机制抵御重放攻击。分析结果表明协议具有低功耗的特点,并且能够抵御窃听攻击、重放攻击以及少数节点被俘虏的攻击。     

改进的移动计算平台直接匿名证明方案

分析了Ge等人提出的直接匿名证明方案的安全缺陷,指出该方案的认证协议在用于远程证明时不能抵抗重放攻击和平台伪装攻击。提出一种改进的直接匿名证明的认证协议,引入会话密钥协商机制,增强互认证功能。分析表明,改进方案在正确进行直接匿名证明的前提下,满足不可伪造性和匿名性,能够抵抗重放攻击和平台伪装攻击,协议性能满足移动计算平台的可信验证需求。     

一类密钥同步更新的组合校验认证方法

针对一对多通报关系实体认证与密钥协商应用环境的无线目标身份识别同步认证问题，该文设计了双密钥组合校验定理，提出并证明了交互式动态认证与工作密钥同步更新定理，基于可信标识动态密钥匹配规则构建了密钥同步更新的组合校验认证模型，提出了一类密钥同步更新的组合校验认证方法，给出了双密钥组合校验、消息适度重传、模拟信道信噪比合理仿真等无线目标身份识别协议设计准则，突破了无线目标身份识别协议同步认证难的关键技术，解决了实体认证与密钥协商中实体身份动态认证、工作密钥同步更新难题。以一类无线目标身份识别协议为例，分析说明了该类方法的具体应用。基于串空间理论构造攻击方法给出了该协议的形式化证明，并通过常规攻击方法分析了该协议的实际安全性。与其他交互式密码协议同步认证设计方法相比较，该方法具有动态可认证性，由该方法设计的交互式密码协议同步认证方案，安全性高，计算量小，仅进行一次迭代运算，可应用于大规模复杂环境中的无线目标身份识别。     

基于身份认证的无线安全密钥交换

认证密钥协商使得通信双方在共享一个安全会话密钥的同时实现相互认证。针对无线网络,基于口令认证的密钥协商算法也许能降低系统资源开销,但通常不能有效抵抗字典攻击。针对无线设备的资源有限性,文中提出一种可证安全的、基于身份的、认证的密钥协商方案,所提出方案需要计算量少,能够抵抗冒充攻击并且满足密钥协商协议所要求的其它安全属性。     

基于身份认证的BACnet/IP分析与改进

为了解决BACnet/IP身份认证存在多种可攻击漏洞和密钥泄露带来的安全问题,提出了一种安全增强的BACnet/IP-SA协议认证方案。研究协议身份认证消息流模型,基于着色Petri网理论和CPNTools对身份认证消息流建模,采用Dolev-Yao攻击者模型和形式化分析方法对BACnet/IP进行安全性分析,发现协议漏洞并提出改进方案。BACnet/IP-SA协议使用设备的伪身份来保护真实身份信息,使用PUF响应进行认证,通过多信息集合的验证值来验证端身份的真实性并生成会话密钥。结合BAN逻辑和非形式化方法,对协议的安全性进行了证明。实验结果表明,所提方案能有效抵抗多类攻击和密钥泄露带来的安全威胁,在减少计算开销的同时增强了协议身份认证的安全性。     

无证书两方认证密钥协商协议攻击及改进

分析了Kim等人提出的不依赖于双线性对运算的无证书两方认证密钥协商协议,指出该协议在公钥替换攻击下不满足基本伪装攻击安全性,并给出了一个具体攻击。针对该协议存在的安全性缺陷,提出了一个改进的无证书两方认证密钥协商协议。分析表明,所提出的改进协议能够有效地抵抗公钥替换攻击并满足一些必要的安全属性。     

WSN key recovery attack based on symmetric matrix decomposition

The key protocol is one of the crucial technologies to ensure the security for wireless sensor network（WSN）.Parakh,et al.proposed a key agreement for WSN based on matrix decomposition.However,the study revealed that the protocol had security risks.A key recovery attack scheme against this protocol was proposed by using the properties of symmetric matrix and permutation matrix.Based on intercepting the row and column vector of the node,elementary transformation was performed to construct a linear algebraic attack algorithm and the equivalent key was obtained.The computational complexity is O(N⁶).Experimental results show that the method can recover the equivalent key of the above protocol within the polynomial computational complexity and the memory consumption is within an acceptable range.In addition,an improved scheme for key agreement was proposed to resist the linear algebraic attack by using a random disturbance matrix,and the correctness and security analysis were also carried out.     

Two-party certificateless authenticated key agreement protocol with enhanced security

Two-party certificateless authenticated key agreement（CL-AKA） protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk (eCK) security model based on the hardness assumption of the computational Diffie Hellman (CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack of key generation center (KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication.     

Two-factor authenticated key agreement protocol based on biometric feature and password

A new two-factor authenticated key agreement protocol based on biometric feature and password was proposed.The protocol took advantages of the user’s biological information and password to achieve the secure communication without bringing the smart card.The biometric feature was not stored in the server by using the fuzzy extractor technique,so the sensitive information of the user cannot be leaked when the server was corrupted.The authentication messages of the user were protected by the server’s public key,so the protocol can resist the off-line dictionary attack which often appears in the authentication protocols based on password.The security of the proposed protocol was given in the random oracle model provided the elliptic computational Diffie-Hellman assumption holds.The performance analysis shows the proposed protocol has better security.     

基于生物特征标识的无线传感器网络三因素用户认证协议

为满足高安全级别场景（如军事、国家安全、银行等）的应用需求,进一步提高无线传感器网络用户认证协议的安全性,提出了基于生物特征识别的三因素用户认证协议.针对Althobaiti协议无法防御节点妥协攻击、模拟攻击、中间人攻击和内部特权攻击的安全缺陷,增加智能卡和密码作为协议基本安全因素,并利用生物特征标识信息生成函数与回复函数处理的生物特征标识作为附加安全因素;在密钥管理中,为每个节点配置了与网关节点共享唯一密钥,保证认证过程的独立性与安全性;实现用户自主选择与网关节点的共享密钥,提高公共信道通信的安全性;在网关节点不参与的情况下,设计密码和生物特征标识更新机制,保证二者的新鲜性.通过Dolev-Yao拓展威胁模型的分析与AVISPA的OFMC分析终端的仿真,结果证明该认证协议克服了Althobaiti协议安全缺陷,且对计算能力的需求小于公钥加密.权衡安全性与计算成本,该协议适用于资源受限且安全需求高的无线传感器网络应用.     

基于零知识证明的多实体RFID认证协议

物联网的发展对射频识别(RFID)系统的安全性能提出了越来越高的要求。虽然基于密钥阵列的RFID认证协议解决了传统RFID认证协议在多实体环境中存在的内部攻击问题,但基于交换实体身份信息的认证方式存在信息泄露的安全隐患。针对这一问题,设计了基于零知识证明的多实体RFID认证协议(MERAP)。该协议采用分布式密钥阵列抵御内部攻击,利用零知识证明方案实现双向认证时敏感身份信息零泄露。性能分析结果显示,MERAP协议在维持一定复杂度和标签成本的基础上,可抵抗包括重传、跟踪、拒绝服务和篡改等多种外部攻击和内部攻击。     

SLAP: Succinct and Lightweight Authentication Protocol for low-cost RFID system

Data security is crucial for a RFID system. Since the existing RFID mutual authentication protocols encounter the challenges such as security risks, poor performance, an ultra-lightweight authentication protocol named Succinct and Lightweight Authentication Protocol (SLAP) is proposed. SLAP is only composed of bitwise operations like XOR, left rotation and conversion which is easy to implement on a passive tag. The proposed conversion operation as the main security component guarantees the security of RFID system with the properties such as irreversibility, sensibility, full confusion and low complexity, which better performed or even absent in other previous protocols. Security analysis shows that SLAP guarantees the functionalities of mutual authentication as well as resistance to various attacks such as de-synchronization attack, replay attack and traceability attack, etc. Furthermore, performance evaluation also indicates that the proposed scheme outperforms the existing protocols in terms of less computation requirement and fewer communication messages during authentication process.     

A post quantum secure construction of an authentication protocol for satellite communication

Satellite's communication system is used to communicate under significant distance and circumstances where the other communication systems are not comfortable. Since all the data are exchanged over a public channel, so the security of the data is an essential component for the communicating parties. Both key exchange and authentication are two cryptographic tools to establish a secure communication between two parties. Currently, various kinds of authentication protocols are available to establish a secure network, but all of them depend on number–theoretical (discrete logarithm problem/factorization assumption) hard assumptions. Due to Shor's and Grover's computing algorithm number theoretic assumptions are breakable by quantum computers. Although Kumar and Garg have proposed a quantum attack-resistant protocol for satellite communication, it cannot resist stolen smart card attack. We have analyzed that how Kumar and Garg is vulnerable to the stolen smart card attack using differential power analysis attack described in He et al and Chen and Chen. We have also analyzed the modified version of signal leakage attack and sometimes called improved signal leakage attack on Kumar and Garg's protocol. We have tried to construct a secure and efficient authentication protocol for satellites communication that is secure against quantum computing. This is more efficient as it requires only three messages of exchange. This paper includes security proof and performance of the proposed authentication and key agreement protocol.     

Codeword Authenticated Key Exchange (CAKE) light weight secure routing protocol for WSN

Wireless Sensor Network (WSN) is developing rapidly and used extensively in various critical applications like military, health, environment etc. Sometimes, the WSN is indiscriminately deployed in unattended hostile terrains such as border or remote region where besides energy efficiency, security is another important issue to be addressed. The adversary can have unauthorised access which can lead to tampering, modification, interception, eavesdropping etc. With the intention of improving the energy efficacy of WSN, clustering methods are developed, but dynamic behaviour of sensor nodes with limited storage and processing makes security a more challenging problem as resource intensive security solutions are not feasible in practical scenario. Key management is capable of addressing this problem by protecting the network from different attacks. In this paper, a highly secure Codeword Authenticated Key Exchange (CAKE) protocol is proposed which is based on one‐way hashing with one time password and codeword authentication. BAN logic and Random Oracle Model are used for formal proof, and AVISPA tool is used for simulating the proposed work. CAKE is compared with other existing mutual authentication schemes which depicts significant reduction in computational time and energy consumption. The proposed protocol preserves Confidentiality, Integrity, and mutual authentication and can counter several attacks like offline guessing attack, replay attack, Dos attack, impersonation attack etc. and preserve perfect forward secrecy making the protocol suitable for various WSN applications.     

Two-factor ( biometric and password) authentication keyexchange on lattice based on key consensus

In the post-quantum era, the password-based authentication key exchange (PAKE) protocol on lattice has the characteristics of convenience and high efficiency, however these protocols cannot resist online dictionary attack thatis a common method used by attackers. A lattice-based two-factor ( biometric and password) authentication keyexchange (TFAKE) protocol based on key consensus (KC) is proposed. The protocol encapsulates the hash valueof biometric information and password through a splittable encryption method, and compares the decapsulatedinformation with the server's stored value to achieve the dual identity authentication. Then the protocol utilizes theasymmetric hash structure to simplify the calculation steps, which increases the calculation efficiency. Moreover,KC algorithm is employed in reducing data transmission overhead. Compared with the current PAKE protocol, theproposed protocol has the characteristics of hybrid authentication and resisting online dictionary attack. And itreduces the number of communication rounds and improves the efficiency and the security of protocol application.     

基于密钥阵列的RFID安全认证协议

随着RFID技术的发展和广泛应用,安全认证协议的设计与完善对于保护信息安全和用户隐私变得更加重要。该文针对现有安全认证协议中常常忽略的来自系统内部合法阅读器之间的伪造和篡改问题,提出一种新的基于密钥阵列的安全认证协议。它通过增加密钥更新标记,有效地解决了标签和数据库之间的同步更新问题。新协议在维持一定复杂度和标签成本的基础上,可抵抗包括重传、跟踪、阻断和篡改等多种攻击手段,尤其针对来自系统内的安全威胁,具有较高的安全性和实用性。