共查询到20条相似文献,搜索用时 46 毫秒
1.
《IEEE transactions on information theory / Professional Technical Group on Information Theory》1984,30(4):601-611
The authors claim that the security of the Merkle-Hellman algorithm is greatly exaggerated. First, any enciphering key that is obtained from a superincreasing sequence has infinitely many superincreasing deciphering keys that can decipher all messages. This follows from the fact that the conditions on the transformation^{ast} w bmod m requirew/m to lie in a restricted set of intervals. Second, it is claimed that iterative transformations^{ast} w bmod m may not increase the security. In the example that Merkle and Hellman used for "proving" the benefits of the iterative transformation, the security is completely ruined. Third, techniques are presented to crack one bit of the plaintext. These techniques apply to sets of enciphering keys introduced in this text, which contain all the Merkle-Hellman enciphering keys. Such bit-by-bit techniques also allow the construction of new enciphering keys. Fourth, some knapsacks that allow a one-to-one deciphering cannot be obtained from easy deciphering keys, e.g., superincreasing keys, even with infinitely many transformations^{ast} w bmod m! If the worst cases of nondeterministic polynomial complete knapsack problems are always of this kind, the foundation of the security of the Merkle-Hellman algorithm is nonexistent. The cryptanalysis can be reduced to a problem of simultaneous diophantine approximations. A link is made with other recent results. 相似文献
2.
Companies around the world are embracing electronic commerce, and within two years this long-heralded yet largely unrealized “killer application” for the Internet is poised for an explosive 300 percent growth, according to Deloitte Consulting's 1998 Global Survey of Chief Information Executives. Security is an essential ingredient in enabling these electronic transactions. The fundamental requirements are to identify and authenticate the parties involved, and to protect the information from compromise. This article describes the elements of public-key infrastructures (PKIs), and show how they are well suited to provide these security services. The pioneering experience of Scotiabank, an early adopter of PKI technology and operator of one of the largest deployed PKIs on the Internet, is outlined 相似文献
3.
RFID是一种新型的非接触式自动识别技术,已经在门禁、运输系统、目标跟踪等领域得到广泛应用。但在实际应用过程中,RFID系统还存在诸多安全隐患。因此,设计和完善相关安全机制及安全认证协议对保护RFID系统来说仍然至关重要。文中通过对RFID系统结构的分析,总结了安全隐患存在的原因。介绍了RFID安全策略,主要是几种常见物理安全机制和基于密码技术的安全协议,并对其优缺点进行了简要分析。讲述了一种混合加密安全模型,进而提出了一种通过密钥更新和工作负荷转移改进混合加密安全模型的方法,增强了混合加密模型的安全性和实用性。通过对改进后协议的分析可知,该协议能够抵抗重传、跟踪等常见安全问题。 相似文献
4.
RFID是一种新型的非接触式自动识别技术,已经在门禁、运输系统、目标跟踪等领域得到广泛应用。但在实际应用过程中,RFID系统还存在诸多安全隐患。因此,设计和完善相关安全机制及安全认证协议对保护RFID系统来说仍然至关重要。文中通过对RFID系统结构的分析,总结了安全隐患存在的原因。介绍了RFID安全策略,主要是几种常见物理安全机制和基于密码技术的安全协议,并对其优缺点进行了简要分析。讲述了一种混合加密安全模型,进而提出了一种通过密钥更新和工作负荷转移改进混合加密安全模型的方法,增强了混合加密模型的安全性和实用性,通过对改进后协议的分析可知,该协议能够抵抗重传、跟踪等常见安全问题。 相似文献
5.
铁玲 《信息安全与通信保密》2007,(8):109-111
下一代移动网络提供一种方法支持移动用户在异构的接入网络之间漫游。我们需要在不同的移动管理域之间建立信任关系。在这篇文章中,提出了基于公钥密钥交换协议的互域网移动性的新的安全最优化路由协议。移动节点之间的信息交换将比通常的方法少。 相似文献
6.
Machine-type communication (MTC) takes advantage of millions of devices being connected to each other in sensing our environment. A third-generation partnership project has been actively considering MTC as an enabler for ubiquitous computing and context-aware services. Until recently, we have not yet known how to productively manage the signaling traffic from these MTC devices because authentication requirements may impose such large signaling loads that they overwhelm the radio access of 4G cellular networks. This paper proposes the design of an efficient security protocol for MTC. This protocol is designed to be compatible with the incumbent system by being composed of only symmetric cryptography. Efficiency is attained by aggregating many authentication requests into a single one. The security and performance of the new design are evaluated via formal verification and theoretical analysis. Implementation of the proposed protocol in a real LTE-A network is provided through a feasibility analysis undertaken to prove the practicability of the protocol. Based on these evaluations, we contend that the proposed protocol is practical in terms of security and performance for MTC in LTE-Advanced. 相似文献
7.
An identity verification scheme that uses a public authentication channel to validate a private authentication channel belonging to the individual who wishes to prove his identity is described. The user can prove his identity by demonstrating that he can authenticate (suitably chosen) messages in the private channel. It also provides certified receipts for transactions whose legitimacy can later be verified by impartial arbiters who do not need to be designated in advance or be involved in the transaction at the time it takes place.<> 相似文献
8.
Mobile IPv6 is a network-layer mobility protocol for the IPv6 Internet. The protocol includes several security mechanisms, such as the return-routability tests for the mobile’s home address and care-of addresses. This paper explains the threat model and design principles that motivated the Mobile IPv6 security features. While many of the ideas have become parts of the standard toolkit for designing Internet mobility protocols, some details of the reasoning have not been previously documented. 相似文献
9.
We show that the scalable multicast security protocol based on RSA, proposed by R. Molva and A. Pannetrat (see ACM Trans. Inform. Syst. Security, vol.3, no.3, p.136-60, 2000), is insecure against collusion attacks. 相似文献
10.
11.
用SSL安全协议实现WEB服务器的安全性 总被引:2,自引:0,他引:2
详细介绍SSL安全协议及在WEB服务器中的应用,如何实现WEB服务器的安全。包括将SSL卸载设备作为PCI扩展卡直接安装在安全服务器上,保证了从浏览器到服务器的连接安全性,SSL加速器的使用,安全通道的建立,密码在加密和解密数据时使用密钥的类型,证书的安装。 相似文献
12.
13.
A. Kh. Al Jabri 《International Journal of Network Management》1997,7(6):316-323
This article exploits the fact that linear codes can correct twice the number of erasures as that of errors, allowing reduction in code size and providing the same level of security. © 1997 John Wiley & Sons, Ltd. 相似文献
14.
引言移动通信技术和Internet技术,代表着当今世界信息技术的发展潮流,这两项技术对人类生产和生活的影响,无论在深度还是广度上都是前所未有的;而随着无线应用协议(WAP)的问世,建立在第三代移动通信技术基础上的移动互联网将再次引发一场新的革命。移动互联网的基础——WAP(Wireless Application Protocol)是由一系列协议组成的,它的作用是使标准化的无线通信设备,例如蜂窝电话、移动终端等可进行Internet访问,包括收发电子邮件、访问WWW页面等。WAP协议中的WAE层含有微型浏览器、WML、WMLSCRIPT的解释器等功能。WAP网站由W… 相似文献
15.
SSL协议及其安全性分析 总被引:6,自引:0,他引:6
本文在简单介绍SSL协议的工作原理和流程后,重点从协议自身的缺陷以及对SSL协议的不规范应用两个方面对其安全性进行了较详尽的分析,同时讨论了规范使用SSL协议的安全策略。 相似文献
16.
《Communications Surveys & Tutorials, IEEE》2009,11(1):52-65
Web surfing is an example (and popular) Internet application where users desire services provided by servers that exist somewhere in the Internet. To provide the service, data must be routed between the user?s system and the server. Local network routing (relative to the user) can not provide a complete route for the data. In the core Internet, a portion of the network controlled by a single administrative authority, called an Autonomous System (AS), provides local network support and also exchanges routing information with other ASes using the Border Gateway Protocol (BGP). Through the BGP route exchange, a complete route for the data is created. Security at this level in the Internet is challenging due to the lack of a single administration point and because there are numerous ASes which interact with one another using complex peering policies. This work reviews recent techniques to secure BGP. These security techniques are categorized as follows: 1) cryptographic/attestation, 2) database, 3) overlay/group protocols, 4) penalty, and 5) data-plane testing. The techniques are reviewed at a high level in a tutorial format, and shortcomings of the techniques are summarized as well. The depth of coverage for particular published works is intentionally kept minimal, so that the reader can quickly grasp the techniques. This survey provides a basis for evaluation of the techniques to understand coverage of published works as well as to determine the best avenues for future research. 相似文献
17.
18.
The structured design of cryptographically good s-boxes 总被引:1,自引:1,他引:1
We describe a design procedure for the s-boxes of private key cryptosystems constructed as substitution-permutation networks (DES-like cryptosystems). Our procedure is proven to construct s-boxes which are bijective, are highly nonlinear, possess the strict avalanche criterion, and have output bits which act (vitually) independently when any single input bit is complemented. Furthermore, our procedure is very efficient: we have generated approximately 60 such 4 × 4 s-boxes in a few seconds of CPU time on a SUN workstation.This work was partially supported by a grant from the Natural Sciences and Engineering Research Council of Canada. 相似文献
19.
A Wireless Sensor Network (WSN) link layer security protocol called WSNSec is proposed in this paper. The effective usage of limited sensor node resources is of high importance in WSN security protocol design and implementation. In addition, research on increased security for the WSNs employed in especially military and health areas recently receives a remarkable attention as primarily focused on in this presented work. The WSNSec smoothly combines the advantageous aspects of the Scalable Encryption Algorithm (SEA) with the Counter Mode (CTR) and Cipher Block Chaining-Message Authentication Code (CBC-MAC) approaches. It provides not only high data confidentiality but also message authentication and integrity functions. The WSNSec security level can be boosted dynamically if required. It has been shown that using the proposed WSNSec with the 192-bit data block/key size has a trivial increase on the memory usage and energy consumption while providing an extremely high level of security compared to the traditional TinySEC. In addition, modeling and simulation of a WSN employing the proposed WSNSec have been realized using the OPNET Modeler software. The simulation results reveal that the ratios of the delays resulted from the particular use of both WSNSec and TinySEC to the total end to end delays converge at 13% for increasing the network load. Therefore the WSNSec provides a better delay performance in highly scalable applications. 相似文献
20.
增强Kerberos协议安全性的改进方案 总被引:16,自引:0,他引:16
详细分析了Kerberos协议的安全性,并针对Kerberos协议存在的安全缺陷,提出了一种改进方案。通过详细的对比分析,改进的Kerberos协议保密强度更高、密钥的管理使用更加合理、验证过程更安全、更可靠。 相似文献