共查询到17条相似文献,搜索用时 156 毫秒
1.
2.
为了减少传感器节点的资源利用并提高网络的安全性,提出了一种基于信任度的认证方案。该方案在计算节点信任度时引入时间片、安全行动系数和交互频度来计算节点信任度,这样使得自私节点很难伪装成正常节点,信任度与当前节点行为紧密相关,并防止节点通过很少的交易次数来达到较高的信任度,再利用信任度来判断一个节点是否可信,有效地提高了应用的安全性,对恶意节点的攻击起到一定的阻碍作用。然后设计了身份标识、密码、智能卡相结合的认证方案,并且用户在与传感器节点认证之前,网关查询网络中节点的信任度,从而找到可信的节点与用户进行认证,实现可信的传感器节点、网关节点和用户三者之间的交互认证,并且用户能方便地更改密码。安全性分析、性能分析及仿真实验的结果表明,与已提出的认证方案相比,该方案能够抵制重放攻击、内部攻击、伪装攻击等,同时计算花费少,适合于对安全性和性能有要求的无线传感器网络。本文网络版地址:http://www.eepw.com.cn/article/276364.htm 相似文献
3.
4.
针对基于动态身份远程用户认证,可有效防止用户关键信息泄露,保证已认证用户通过授权获取网络服务.针对Wen-Li提出的基于动态身份远程用户认证与密钥协商方案进行安全性分析,指出该方案存在安全缺陷,可能导致泄露用户部分关键信息,进而遭受网络攻击.在保留Wen-Li方案优点基础上提出一种改进的远程用户认证方案,重新设计了认证过程中的会话密钥和密钥确认消息,与Wen-Li方案相比,改进方案能够抵御中间人攻击以及盗窃智能卡攻击,并增强了方案的前向安全性. 相似文献
5.
张利华 《微电子学与计算机》2007,24(6):80-83
分析了一个低开销的基于随机数的远程身份认证方案的安全性,指出了该方案的安全缺陷。构造了一个基于随机数和Hash函数、使用智能卡的远程身份认证方案(NHRA方案)。该方案使用随机数,避免了使用时戳带来的重放攻击的潜在风险。该方案允许用户自主选择和更改口令,实现了双向认证,有更小的计算开销;能够抵御假冒远程主机攻击、抵御假冒合法用户攻击;能够迅速检测口令输入错误及正确判断认证失败原因;具备强安全修复性。 相似文献
6.
由于网络安全的需要,利用智能卡的双因子身份鉴别方案越来越受到重视。首先分析了Wang Yan-yan等人提出的基于动态ID的远程用户身份认证方案的安全性,指出其方案的安全缺陷是不能抵抗离线的口令猜测攻击;随后提出了一种改进的方案,改进之后的方案能有效抵抗重放攻击、离线口令猜测攻击、假冒服务器/用户攻击。经过安全分析,新的方案在保留了原方案优点的同时,具有了更高的安全性。 相似文献
7.
广播认证是无线传感器网络(WSN)的一种基本安全服务,针对现有认证方案的计算量大、认证速度慢等问题,提出一种基于椭圆曲线加密(ECC)和身份(ID)签名的WSN广播快速认证方案.对现有EIBAS签名认证方案进行改进,通过节点间的合作,共享中间计算结果来减少邻居节点的计算量,以此提高认证速度,减少能量消耗.同时,提出一种安全机制,通过对多个邻居共享数据的对比来抵御恶意节点的攻击.实验结果表明,该方案相对于传统的椭圆曲线加密算法能够提高约42%的签名认证速度,降低约36%的能耗,大大延长网络生命周期. 相似文献
8.
在vBNN-IBS签名基础上提出了一种抗DoS攻击的多用户传感器网络广播认证方案DDA-MBAS,利用散列运算及用户信息进行虚假数据过滤。与现有的多用户传感器网络广播认证方案相比,DDA-MBAS在抵抗节点妥协攻击、主动攻击的基础上,以较低的能耗过滤虚假消息并有效地限制了妥协用户发起的DoS攻击及共谋攻击的安全威胁。 相似文献
9.
为满足高安全级别场景(如军事、国家安全、银行等)的应用需求,进一步提高无线传感器网络用户认证协议的安全性,提出了基于生物特征识别的三因素用户认证协议.针对Althobaiti协议无法防御节点妥协攻击、模拟攻击、中间人攻击和内部特权攻击的安全缺陷,增加智能卡和密码作为协议基本安全因素,并利用生物特征标识信息生成函数与回复函数处理的生物特征标识作为附加安全因素;在密钥管理中,为每个节点配置了与网关节点共享唯一密钥,保证认证过程的独立性与安全性;实现用户自主选择与网关节点的共享密钥,提高公共信道通信的安全性;在网关节点不参与的情况下,设计密码和生物特征标识更新机制,保证二者的新鲜性.通过Dolev-Yao拓展威胁模型的分析与AVISPA的OFMC分析终端的仿真,结果证明该认证协议克服了Althobaiti协议安全缺陷,且对计算能力的需求小于公钥加密.权衡安全性与计算成本,该协议适用于资源受限且安全需求高的无线传感器网络应用. 相似文献
10.
由于无线传感器网络(Wireless Sensor Network,WSN)节点计算能力等资源受限,如何使用较少的计算量实现节点间的认证与密钥协商以保证通信安全一直是研究的热点。针对基于对称密码的认证方案网络扩展性较差、密钥更新困难的问题,以及基于非对称密码的认证方案计算资源开销大的问题,面向WSN安全需求,提出了一种基于身份的非双线性节点认证与密钥协商方案,以椭圆曲线密码算法(Elliptic Curve Cryptography,ECC)为基础,实现了通信节点之间的双向认证、会话密钥协商、确认和更新。分析表明,方案可以满足无线传感器网络节点密钥协商过程所需的几种典型的安全属性,且在资源消耗上有所优化。 相似文献
11.
Jian-Jun Yuan 《Telecommunication Systems》2014,55(1):105-113
Since wireless sensor networks (WSN) are often deployed in an unattended environment and sensor nodes are equipped with limited computing power modules, user authentication is a critical issue when a user wants to access data from sensor nodes. Recently, M.L. Das proposed a two-factor user authentication scheme in WSN and claimed that his scheme is secure against different kinds of attack. Later, Khan and Alghathbar (K-A) pointed out that Das’ scheme has some security pitfalls and showed several improvements to overcome these weaknesses. However, we demonstrate that in the K-A-scheme, there is no provision of non-repudiation, it is susceptible to the attack due to a lost smart card, and mutual authentication between the user and the GW-node does not attained. Moreover, the GW-node cannot prove that the first message comes from the user. To overcome these security weaknesses of the K-A-scheme, we propose security patches and prove our scheme. 相似文献
12.
On the design of secure user authenticated key management scheme for multigateway‐based wireless sensor networks using ECC 
下载免费PDF全文
下载免费PDF全文 Anil Kumar Sutrala Ashok Kumar Das Neeraj Kumar Alavalapati Goutham Reddy Athanasios V. Vasilakos Joel J. P. C. Rodrigues 《International Journal of Communication Systems》2018,31(8)
In wireless sensor networks (WSNs), there are many critical applications (for example, healthcare, vehicle tracking, and battlefield), where the online streaming data generated from different sensor nodes need to be analyzed with respect to quick control decisions. However, as the data generated by these sensor nodes usually flow through open channel, so there are higher chances of various types of attacks either on the nodes or on to the data captured by these nodes. In this paper, we aim to design a new elliptic curve cryptography–based user authenticated key agreement protocol in a hierarchical WSN so that a legal user can only access the streaming data from generated from different sensor nodes. The proposed scheme is based upon 3‐factor authentication, as it applies smart card, password, and personal biometrics of a user (for ticket generation). The proposed scheme maintains low computation cost for resource‐constrained sensor nodes, as it uses efficient 1‐way cryptographic hash function and bitwise exclusive‐OR operations for secure key establishment between different sensor nodes. The security analysis using the broadly accepted Burrows‐Abadi‐Needham logic, formal security verification using the popular simulation tool (automated validation of Internet security protocols and applications), and informal security show that the proposed scheme is resilient against several well‐known attacks needed for a user authentication scheme in WSNs. The comparison of security and functionality requirements, communication and computation costs of the proposed scheme, and other related existing user authentication schemes shows the superior performance of the proposed scheme. 相似文献
13.
The e‐commerce has got great development in the past decades and brings great convenience to people. Users can obtain all kinds of services through e‐commerce platform with mobile device from anywhere and at anytime. To make it work well, e‐commerce platform must be secure and provide privacy preserving. To achieve this goal, Islam et al. proposed a dynamic identity‐based remote user mutual authentication scheme with smart card using Elliptic Curve Cryptography(ECC). Islam et al claimed that the security of their scheme was good enough to resist various attacks. However, we demonstrate that their scheme is vulnerable to insider attack and suffers from off‐line password guessing attack if smart card is compromised. To overcome the deficiencies, we present an improved scheme over Islam's scheme. The security proof and analysis shows that our scheme can also provide user anonymity and mutual authentication, and the security is enough to against relay attack, impersonation attack, and other common secure attackers. The performance analysis shows that the proposed scheme is more efficient than Islam et al's scheme. 相似文献
14.
A secure and enhanced elliptic curve cryptography‐based dynamic authentication scheme using smart card 下载免费PDF全文
下载免费PDF全文 Madhusudhan R Manjunath Hegde Imran Memon 《International Journal of Communication Systems》2018,31(11)
In remote system security, 2‐factor authentication is one of the security approaches and provides fundamental protection to the system. Recently, numerous 2‐factor authentication schemes are proposed. In 2014, Troung et al proposed an enhanced dynamic authentication scheme using smart card mainly to provide anonymity, secure mutual authentication, and session key security. By the analysis of Troung et al's scheme, we observed that Troung et al' s scheme does not provide user anonymity, perfect forward secrecy, server's secret key security and does not allow the user to choose his/her password. We also identified that Troung et al's scheme is vulnerable to replay attack. To fix these security weaknesses, a robust authentication scheme is proposed and analyzed using the formal verification tool for measuring the robustness. From the observation of computational efficiency of the proposed scheme, we conclude that the scheme is more secure and easy to implement practically. 相似文献
15.
2009年,Liao—Wang提出了一种基于智能卡的典型远程用户身份鉴别方案,经分析证明该方案存在安全脆弱性,容易受到离线口令猜测攻击,攻击者伪装成服务器的攻击,域内合法用户伪装成域内其他用户的攻击。之后提出了一种安全改进方案,解决了上述脆弱性问题,具有可靠的安全性。 相似文献
16.
Bae‐Ling Chen Wen‐Chung Kuo Lih‐Chyau Wuu 《International Journal of Communication Systems》2014,27(2):377-389
Smart‐card‐based remote user password authentication schemes are commonly used for providing authorized users a secure method for remotely accessing resources over insecure networks. In 2009, Xu et al. proposed a smart‐card‐based password authentication scheme. They claimed their scheme can withstand attacks when the information stored on the smart card is disclosed. Recently, Sood et al. and Song discovered that the smart‐card‐based password authentication scheme of Xu et al. is vulnerable to impersonation and internal attacks. They then proposed their respective improved schemes. However, we found that there are still flaws in their schemes: the scheme of Sood et al. does not achieve mutual authentication and the secret key in the login phase of Song's scheme is permanent and thus vulnerable to stolen‐smart‐card and off‐line guessing attacks. In this paper, we will propose an improved and efficient smart‐card‐based password authentication and key agreement scheme. According to our analysis, the proposed scheme not only maintains the original secret requirement but also achieves mutual authentication and withstands the stolen‐smart‐card attack. Copyright © 2012 John Wiley & Sons, Ltd. 相似文献
17.
Shreeya Swagatika Sahoo Sujata Mohanty Banshidhar Majhi 《Wireless Personal Communications》2018,101(3):1307-1333
The smart card based password authentication scheme is one of the most important and efficient security mechanism, which is used for providing security to authorized users over an insecure network. In this paper, we analyzed major security flaws of Jangirala et al.’s scheme and proved that it is vulnerable to forgery attack, replay attack, user impersonation attack. Also, Jangirala et al.’s scheme fail to achieve mutual authentication as it claimed. We proposed an improved two factor based dynamic ID based authenticated key agreement protocol for the multiserver environment. The proposed scheme has been simulated using widely accepted AVISPA tool. Furthermore, mutual authentication is proved through BAN logic. The rigorous security and performance analysis depicts that the proposed scheme provides users anonymity, mutual authentication, session key agreement and secure against various active attacks. 相似文献