共查询到19条相似文献,搜索用时 171 毫秒
1.
一种故障容忍的可证安全组密钥协商协议 总被引:1,自引:0,他引:1
对Burmester等人提出的非认证组密钥协商协议的安全性进行了深入分析,指出该协议不能抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.提出了一种故障容忍的组密钥协商(FT-GKA)协议,FT-GKA协议在密钥协商过程中加入了消息正确性的认证机制,该机制利用数字签名技术检测组内恶意节点,并在驱逐恶意节点后保证组内诚实节点能计算出正确的会话密钥,解决了Burmester等人提出协议中存在的内部恶意节点攻击问题.并证明提出的协议在DDH假设下能抵抗敌手的被动攻击,在DL假设和随机预言模型下能够抵抗内部恶意节点发起的密钥协商阻断攻击和密钥控制攻击.理论分析与实验测试表明,提出的协议具有较高的通信轮效率和较低的计算开销. 相似文献
2.
3.
4.
5.
6.
7.
8.
群组用户试图在开放式网络上进行安全通信时,需运行一个会议密钥协议来支持一个共同的会议密钥K.本文中,利用基于MDS码(Maximum Distance Code,极大最小距离可分码)的秘密共享方案作为基本构件,提出了一个新颖高效、可证明安全的广播信道下会议密钥协商协议.该协议在广义的Diffie-Hellman Problem(DHP)困难假设下,被动攻击者得不到任何有关诚实参与者协商出的会议密钥的信息;且无论存在多少恶意参与者,诚实参与者一定能够协商出一共同的会议密钥. 相似文献
9.
Joux提出的三方密钥协商方案虽然简洁、高效,但不能抵抗中间人攻击。基于无证书公钥密码体制,提出一种新的无证书可认证多方密钥协商方案,新方案将Joux的三方协议拓展至多方,并且具有认证功能。由于新方案中所用的签名为短签名,所以整个认证过程计算效率较高,另外,新方案还具有简单证书管理、无密钥托管的优点,新方案满足无密钥控制、抗中间人的主动攻击、前向安全性和抗密钥泄露伪装攻击等多种安全特性。 相似文献
10.
11.
Wang Changji Yang Bo Wu Jianping 《电子科学学刊(英文版)》2005,22(5):485-489
In 1999, Seo and Sweeney proposed a simple authenticated key agreement protocol that was designed to act as a Diffie-Hellman key agreement protocol with user authentication. Various attacks on this protocol are described and enhanced in the literature. Recently, Ku and Wang proposed an improved authenticated key agreement protocol, where they asserted the protocol could withstand the existing attacks. This paper shows that Ku and Wang's protocol is still vulnerable to the modification attack and presents an improved authenticated key agreement protocol to enhance the security of Ku and Wang's protocol. The protocol has more efficient performance by replacing exponentiation operations with message authentication code operations. 相似文献
12.
Zuowen Tan 《International Journal of Communication Systems》2015,28(3):534-545
An authenticated group key agreement protocol allows participants to agree on a group key that will be subsequently used to provide secure group communication over an insecure network. In this paper, we give a security analysis on a pairing‐free identity‐based authenticated group key agreement because of Islam et al. We show that the protocol of Islam et al. cannot satisfy the minimal security requirements of the key agreement protocols. We propose an efficient pairing‐free identity‐based authenticated group key agreement for imbalanced mobile network. The proposed protocol can be implemented easily for practical application in mobile networks as it is free from bilinear. Under the difficulty of the InvCDH and CDH we demonstrate that the proposed protocol provides perfect forward secrecy, implicit key authentication and the dynamic functionality. As compared with the group key agreement protocols for imbalanced mobile network, the proposed protocol provides stronger security properties and high efficiency. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
13.
Efficient and flexible password authenticated key agreement for Voice over Internet Protocol Session Initiation Protocol using smart card
下载免费PDF全文
![点击此处可从《International Journal of Communication Systems》网站下载免费的PDF全文](/ch/ext_images/free.gif)
Liping Zhang Shanyu Tang Zhihua Cai 《International Journal of Communication Systems》2014,27(11):2691-2702
Providing a suitable key agreement protocol for session initiation protocol is crucial to protecting the communication among the users over the open channel. This paper presents an efficient and flexible password authenticated key agreement protocol for session initiation protocol associated with Voice over Internet Protocol. The proposed protocol has many unique properties, such as session key agreement, mutual authentication, password updating function and the server not needing to maintain a password or verification table, and so on. In addition, our protocol is secure against the replay attack, the impersonation attack, the stolen‐verifier attack, the man‐in‐the‐middle attack, the Denning–Sacco attack, and the offline dictionary attack with or without the smart card. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
14.
In order to solve the problem of identity privacy preservation between two participants involved when implementing authenticated key agreement protocol,a bidirectional authenticated key agreement protocol against quantum attack based on C commitment scheme was proposed.Through the design of C commitment function,the real identity information of two participants involved was hidden.Based on RLWE difficult problem,under the premise to ensure identity anonymity,this protocol not only completed two-way identity authentication,but also ensured the integrity of the transmitted message,furthermore,the shared session key was negotiated.After been analyzed,in terms of protocol’s execution efficiency,only two rounds of message transmission were needed to complete anonymous two-way authentication and key agreement in the proposed scheme.Compared with Ding’s protocol,the length of public key was reduced by nearly 50%.With regard to security,the protocol could resist forgery,replay,key-copy,and man-in-the-middle attacks.It is proved that the proposed protocol satisfies the provable security under the eCK model.At the same time,the protocol is based on the RLWE problem of lattices,and can resist quantum computing attacks. 相似文献
15.
Yuh‐Min Tseng 《International Journal of Network Management》2005,15(3):193-202
Malicious intruders may launch as many invalid requests as possible without establishing a server connection to bring server service to a standstill. This is called a denial‐of‐service (DoS) or distributed DoS (DDoS) attack. Until now, there has been no complete solution to resisting a DoS/DDoS attack. Therefore, it is an important network security issue to reduce the impact of a DoS/DDoS attack. A resource‐exhaustion attack on a server is one kind of denial‐of‐service attack. In this article we address the resource‐exhaustion problem in authentication and key agreement protocols. The resource‐exhaustion attack consists of both the CPU‐exhaustion attack and the storage‐exhaustion attack. In 2001, Hirose and Matsuura proposed an authenticated key agreement protocol (AKAP) that was the first protocol simultaneously resistant to both the CPU‐exhaustion attack and the storage‐exhaustion attack. However, their protocol is time‐consuming for legal users in order to withstand the DoS attack. Therefore, in this paper, we propose a slight modification to the Hirose–Matsuura protocol to reduce the computation cost. Both the Hirose–Matsuura and the modified protocols provide implicit key confirmation. Also, we propose another authenticated key agreement protocol with explicit key confirmation. The new protocol requires less computation cost. Because DoS/DDoS attacks come in a variety of forms, the proposed protocols cannot fully disallow a DoS/DDoS attack. However, they reduce the effect of such an attack and thus make it more difficult for the attack to succeed. Copyright © 2005 John Wiley & Sons, Ltd. 相似文献
16.
In 2009, Lee et al. (Ann Telecommun 64:735–744, 2009) proposed a new authenticated group key agreement protocol for imbalanced wireless networks. Their protocol based on bilinear pairing was proven the security under computational Diffie–Hellman assumption. It remedies the security weakness of Tseng’s nonauthenticated protocol that cannot ensure the validity of the transmitted messages. In this paper, the authors will show that Lee et al.’s authenticated protocol also is insecure. An adversary can impersonate any mobile users to cheat the powerful node. Furthermore, the authors propose an improvement of Lee et al.’s protocol and prove its security in the Manulis et al.’s model. The new protocol can provide mutual authentication and resist ephemeral key compromise attack via binding user’s static private key and ephemeral key. 相似文献
17.
Jia-Lun Tsai 《电信纪事》2011,66(11-12):663-669
An authenticated group key agreement protocol allows a group of parties to authenticate each other and then determine a group key via an insecure network environment. In 2009, Lee et al. first adopted bilinear pairings to propose a new nonauthenticated group key agreement protocol and then extend it to an authenticated group key agreement protocol. This paper points out that the authenticated protocol of Lee et al. is vulnerable to an impersonation attack such that any adversary can masquerade as a legal node to determine a group key with the other legal nodes and the powerful node. This paper shall employ the short signature scheme of Zhang et al. to propose a new authenticated group key agreement protocol. The short signature scheme of Zhang et al. is proven to be secure against the adaptive chosen-message attacks in the random oracle model, so the proposed protocol can withstand the possible attacks. Besides, compared with the authenticated protocol of Lee et al., the proposed protocol is more secure and efficient. 相似文献
18.
19.
Two-party certificateless authenticated key agreement(CL-AKA) protocol is a hot topic in the field of wireless communication security. An improved two-party CL-AKA protocol with enhanced security is proposed,which is of provable security and unforgeability in the extended Canetti-Krawczyk (eCK) security model based on the hardness assumption of the computational Diffie Hellman (CDH) problem. Compared with other similar protocols, it is more efficient and can satisfy security properties such as free of the centralized management of certificate and key, free of bilinear pairings, two-party authentication, resistant to unknown key-share attack, key compromise impersonation attacks, the man-in-the-middle-attack of key generation center (KGC), etc. These properties make the proposed protocol have better performance and adaptability for military communication. 相似文献