Secure authentication scheme for passive C1G2 RFID tags

Privacy and security concerns inhibit the fast adaption of RFID technology for many applications. A number of authentication protocols that address these concerns have been proposed but real-world solutions that are secure, maintain low communication cost and can be integrated into the ubiquitous EPCglobal Class 1 Generation 2 tag protocol (C1G2) are still needed and being investigated. We present a novel authentication protocol, which offers a high level of security through the combination of a random key scheme with a strong cryptography. The protocol is applicable to resource, power and computationally constraint platforms such as RFID tags. Our investigation shows that it can provide mutual authentication, untraceability, forward and backward security as well as resistance to replay, denial-ofth-service and man-in-the-middle attacks, while retaining a competitive communication cost. The protocol has been integrated into the EPCglobal C1G2 tag protocol, which assures low implementation cost. We also present a successful implementation of our protocol on real-world components such as the INTEL WISP UHF RFID tag and a C1G2 compliant reader.     

Applying a formal analysis technique to the CCITT X.509 strong two-way authentication protocol

In the quest for open systems, standardization of security mechanisms, framework, and protocols are becoming increasingly important. This puts high demands on the correctness of the standards. In this paper we use a formal logic-based approach to protocol analysis introduced by Burrows et al. [1]. We extend this logic to deal with protocols using public key cryptography, and with the notion of duration to capture some time-related aspects. The extended logic is used to analyse an important CCITT standard, the X.509 Authentication Framework. We conclude that protocol analysis can benefit from the use of the notation and that it highlights important aspects of the protocol analysed. Some aspects of the formalism need further study.This research was sponsored by the Royal Norwegian Council for Scientific and Industrial Research under Grant IT 0333.22222, and was performed while K. Gaarder was at Alcatel STK Research Centre.     

A verifiable multi-secret sharing scheme based on cellular automata

In this paper, we propose a verifiable (t, n)-threshold multi-secret sharing scheme, based on one-dimensional cellular automata where the number of secrets is not restricted by n or t. We show that our scheme can be used to solve an open problem proposed recently in Alvarez et al. (2008) [G. Alvarez, L. Hernández Encinas, A. Martín del Rey, A multisecret sharing scheme for color images based on cellular automata, Information Sciences 178 (2008) 4382-4395].     

基于读写优化的内核级加密文件系统

为增强数据的机密性,在对存储读写流程优化的基础上提出一种内核级加密文件系统(KCFS),该内核级加密文件系统能克服加密应用程序的使用不便利性和用户级加密文件系统的低效性,在内核级文件系统层提供加/解密功能,从而保护存储系统中的数据。对比测试结果表明,KCFS比用户级加密文件系统CFS具有更好的读写性能。     

设计密码协议的若干原则与方法

传统的密码协议设计主要考虑理想环境下运行的安全性。为了设计实用安全的密码协议,首先对理想环境下密码协议中存在的主要攻击进行研究和总结,提出四条协议设计原则,以避免常见的设计缺陷;然后通过对消息完整性的研究,提出一种协议转换算法,可将理想环境下安全的密码协议转换为现实环境下安全的密码协议,并证明算法的安全性。该转换算法的提出,有助于设计在现实环境下运行安全的密码协议。     

A more efficient and secure ID-based remote mutual authentication with key agreement scheme for mobile devices on elliptic curve cryptosystem

Recently, Yang and Chang proposed an identity-based remote login scheme using elliptic curve cryptography for the users of mobile devices. We have analyzed the security aspects of the Yang and Chang's scheme and identified some security flaws. Also two improvements of the Yang and Chang's scheme have been proposed recently, however, it has been found that the schemes have similar security flaws as in the Yang and Chang's scheme. In order to remove the security pitfalls of the Yang and Chang and the subsequent schemes, we proposed an enhanced remote user mutual authentication scheme that uses elliptic curve cryptography and identity-based cryptosystem with three-way challenge-response handshake technique. It supports flawless mutual authentication of participants, agreement of session key and the leaked key revocation capability. In addition, the proposed scheme possesses low power consumption, low computation cost and better security attributes. As a result, the proposed scheme seems to be more practical and suitable for mobile users for secure Internet banking, online shopping, online voting, etc.     

Internet安全协议中的密钥交换技术研究

密钥创建是以密码学为基数的数据保护的核心,同时也是Internet上对报文进行保护的关键。介绍了在Internet协议中两个通信实体利用Diffie-Hellman密钥交换技术协商创建密钥的几种方案,并就每种方案的特点进行了讨论。     

On the Symbolic Reduction of Processes with Cryptographic Functions

We study the reachability problem for cryptographic protocols represented as processes relying on perfect cryptographic functions. We introduce a symbolic reduction system that can handle hashing functions, symmetric keys, and public keys. Desirable properties such as secrecy or authenticity are specified by inserting logical assertions in the processes.We show that the symbolic reduction system provides a flexible decision procedure for finite processes and a reference for sound implementations. The symbolic reduction system can be regarded as a variant of syntactic unification which is compatible with certain set-membership constraints. For a significant fragment of our formalism, we argue that a dag implementation of the symbolic reduction system leads to an algorithm running in nptime thus matching the lower bound of the problem.In the case of iterated or finite control processes, we show that the problem is undecidable in general and in ptime for a subclass of iterated processes that do not rely on pairing. Our technique is based on rational transductions of regular languages and it applies to a class of processes containing the ping-pong protocols studied in 1982 by Dolev, Even and Karp.     

一种分析密码协议的新逻辑

提出了一种分析密码协议的新逻辑。针对信息安全的需要,给出了一套与加解密、签名等密码学操作有关的构造和推理规则,举例说明此逻辑在分析密码协议中的应用,并讨论了需要进一步研究的问题。