共查询到17条相似文献,搜索用时 109 毫秒
1.
为了克服以往协议在密钥协商阶段易于受到各种攻击而导致会话密钥泄漏的缺点,提出了一种改进的基于ECC的免配对密钥协商协议,与传统的密钥协商协议相比在密钥协商阶段引入了身份验证令牌,使得窃听者无法窃取和篡改会话密钥,有效克服了以往协议容易受到攻击的弱点.分析表明,新协议与其他相关协议相比在保持较小的信息交换的前提下,使安全性有了很大的提高. 相似文献
2.
改进新密钥交换协议及其形式化分析 总被引:4,自引:0,他引:4
Diffie-Hellman协议不具有认证功能且不能抵抗中间人攻击。Seo等人提了一种简单的算法(SAKA)协议可以抵抗中间人攻击且运算简单,但是SAKA协议也存在不足。另有人提出了Lin协议、E-SAKA协议等。分析上述协议可看出存在不足。于是提出改进的新密钥交换协议。它具有SAKA及其改进协议优点的同时可以避免SAKA及其改进协议的缺陷。并给出该协议的BAN逻辑形式分析。 相似文献
3.
4.
密钥交换的SAKA协议存在三大安全缺陷.为克服这些缺陷,人们提出了改进的Lin协议、E-SAKA协议和改进的E-SAKA协议.通过分析发现E-SAKA协议及其改进算法仍然会受到密钥猜测攻击,并且E-SAKA协议中攻击者能获得会话密钥.进一步提出了一个基于Lin协议的改进协议,并论证此协议在防止中间人攻击和解决SAKA协议的三大缺陷的同时,能有效抵挡在线猜测攻击. 相似文献
5.
针对Diffie-Hellman密钥交换协议和ECDH密钥协商协议的缺陷,给出了一种改进后的可认证密钥协商协议。该协议具有等献性、密钥不可控、密钥确认、完美前向安全以及抗已知密钥攻击等安全特性。跟以往的密钥协商协议相比,其管理简单、开销较低、安全性高、扩展性较好且实现了身份认证,以较低的计算成本和较高的运算效率实现了通信双方安全的会话密钥协商与密钥验证,能够较好地适用于大规模网络的端到端密钥管理。 相似文献
6.
认证密钥协商协议能够为不安全网络中的通信双方提供安全的会话密钥,但是,大多数的认证密钥协商协议并没有考虑保护用户隐私.论文关注网络服务中用户的隐私属性,特别是匿名性和可否认性,规范了增强用户隐私的认证密钥协商协议应满足的安全需求,即双向认证、密钥控制、密钥确认、会话密钥保密、已知会话密钥安全、会话密钥前向安全、用户身份匿名、用户身份前向匿名、不可关联和可否认,并基于椭圆曲线密码系统设计了一个满足安全需求的隐私增强认证密钥协商协议. 相似文献
7.
8.
无线传感器网络由大量随机分布的传感器节点组成,这些节点在各自的环境进行信息采集、数据处理,并将信息传输至数据终端。文章提出了一个健壮的、可证明安全的可认证群密钥协商协议,该协议满足实用性、简单性和强安全性的要求。本文提出的可认证群密钥协商协议是基于椭圆曲线、双线性映射和Burmester和Desmedt协议实现。该协议通过两轮广播完成群会话密钥协商,比以前可认证群密钥协商协议需要更低的计算和通信开销。 相似文献
9.
针对Diffie-Hellman密钥协商协议易受中间人(man in the middle)攻击的问题,提出了一种自证明身份的密钥协商协议,阐述了密钥交换原理,分析了其安全性和实现的关键技术。该协议将RSA与离散对数相结合,使通信双方在不需对方公开密钥证书,不需数字签名,也不需密钥分配中心(KDC)的条件下进行双向身份认证,并同时产生共享的会话密钥,具有一定实用价值。 相似文献
10.
基于无线信道特征的密钥生成过程中,为了降低通信双方生成的密钥不一致率常采取的措施是密钥协商。通常的密钥协商过程是在BSC信道下进行密钥协商,但是协商的效率较低。为了提高密钥协商的效率,本文提出一种在等效信道下基于LDPC编译码的协议机制。在此协议机制中,无线信道下采用Mathur[1][2]等人提出的Level-Crossing算法(LCA)提取密钥的过程构成了本协议中的等效信道,该机制对LCA提取后的密钥协商信息进行建模,推导了等效信道的最佳似然比,并据此采用LDPC码简单的加权比特翻转等译码算法[3-5]来有效进行密钥协商。将等效信道下LDPC码加权比特译码算法用于协商过程的性能和BSC信道下协商后的性能进行仿真,在SNR大于6db的前提下,仿真结果表明:1)在相同低门限的条件下,和LCA算法生成的初始密钥相比较,利用LDPC码比特翻转译码等算法在等效信道下和在BSC信道下协商后的密钥不一致率比初始密钥不一致率降低1至2个数量级;2)在等效信道下利用简单加权比特翻转译码算法进行密钥协商后的密钥不一致率比BSC信道下协商后的密钥不一致率降低大约1个数量级。 相似文献
11.
Wang Changji Yang Bo Wu Jianping 《电子科学学刊(英文版)》2005,22(5):485-489
In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang's protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang's protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations. 相似文献
12.
SuiAifen LucasC.K.Hui YangYixian K.P.Chow 《电子科学学刊(英文版)》2005,22(3):268-272
Based on elliptic curve Diffie-Hellman algorithm, an Elliptic Curve Authenticated Key Agreement (ECAKA) protocol with pre-shared password is proposed. Its security relies on the Elliptic Curve Discrete Logarithm Problem (ECDLP). It provides identity authentication,key validation and perfect forward secrecy, and it can foil man-in-the-middle attacks. 相似文献
13.
Bin-Tsan Hsieh Hung-Min Sun Tzonelih Hwang 《Electronics letters》2002,38(1):20-21
Shows that the security enhancement for the simple authentication key agreement algorithm of Lin et al. [24th Ann. Int. Computer Software and Applications Conf., 2000, pp. 113-115] for Seo and Sweeney's simple authentication key agreement protocol [see ibid., vol. 35, no. 13, p. 1073-4, 1999] is still insecure against the password guessing attack 相似文献
14.
Hun-Cheol Lee Seong-Dae Kim 《Electronics letters》2002,38(5):217-218
A simple and fast method to select the assigned number of key frames in a video shot is presented. The algorithm selects the key frames so that the temporal variation of visual content within a video shot is equally distributed to each key frame. Simulation results on a real video sequence are shown to be in agreement with the human visual perception 相似文献
15.
16.
To satisfy the requirements of identity authentication and data possession proven in the cloud application scenarios,a provable data possession scheme with authentication was proposed.Based on data tag signature and randomness reusing,the proposed scheme could accomplish several issues with three interactions,including the possession proof of cloud data,the mutual authentication between user and cloud computing server,the session key agreement and confirmation.Compared to the simple combination of authentication key agreement and provable data possession schemes,the proposed scheme has less computation and interactions,and better provable securities.In the random oracle model,the security proof of the proposed scheme is given under the computational Diffie-Hellman assumption. 相似文献
17.
Security is an essential requirement in any data communication system because a cyber criminal might try to break into it at any point by any means possible. A key agreement procedure is a necessary technique to ensure the security of data communication by way of encryption and mutual authentication. This article proposes a simple key agreement scheme on the basis of chaotic maps for VSAT satellite communications. The new scheme keeps the advantages of all chaotic maps‐based public key cryptosystems, providing a secure function of session key agreement. Based on the intractability of chaotic map discrete logarithm problem and chaotic map Diffie–Hellman problem, the security of this new scheme has been proven to be robust enough against all the well‐known cryptographical attacks with perfect forward secrecy provided. In addition, compared with similar schemes that serve the same purposes, the proposed scheme demands a lower computation cost. With all the previous features put together, the proposed scheme is extremely suitable for the use in very small aperture terminal satellite communication environments. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献