状态绑定的安全协议消息块设计方法

Design Approach for Message Blocks of Security Protocol by Using State Binding

下载PDF

导出

摘要研究抗攻击的安全协议设计方法是安全专家一直努力的方向,而安全协议中利用密码机制形成的消息块本身结构的构造,对于安全协议的抗攻击性起着非常重要的作用.本文在重放攻击层次基础上,通过提炼安全协议为避免各种攻击应具备的状态参数,提出了一种基于状态绑定的安全协议消息块设计方法.该方法针对安全协议各个层次可能存在的缺陷,通过状态绑定来解决这些缺陷,可极大限度地提高安全协议抗攻击的能力. It has always been the aim of specialists to study the design approach for attack-resistant security protocols. The construction of the message block formed by means of the cryptographic scheme is very important for security protocol to resist various attacks. On the basis of the hierarchy of replay attacks, the state parameters necessary for security protocol to avoid various attacks are analyzed, and then, a building approach for the message blocks of attack-resistant security protocols is proposed based on the state-binding. Aiming at possible flaws at various attack levels, this approach can solve them by state-binding, and thus the attack-resistant ability of the security protocols is enhanced to large extent.

作者陶宏才何大可

机构地区西南交通大学信息科学与技术学院

出处《小型微型计算机系统》 CSCD 北大核心 2008年第12期2229-2232,共4页 Journal of Chinese Computer Systems

基金成都市科技攻关计划项目(07GGYB050GX)资助

关键词安全协议抗攻击消息块状态绑定 security protocol） attack resistance message block： state binding

分类号 TP309 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献15

1Bird R, Gopal I, Herzberg A, et al. Systematic design of a family of attack-resistant authentication protocols[J].IEEE J Selected Areas in Communications, 1993, 11(5) :679-693.
2Woo T, Lam S. A lesson on authentication protocol design[J].Operating Systems Review, 1994, 28(3):24-37.
3Gong Li, Syverson P. Fail-stop protocols: an approach to designing secure protoeols[C]. Dependable Computing for Critical Applications 5. IEEE Computer Society, 1998,79-100.
4Heather J, Lowe G,Schneider S. How to prevent type flaw attacks on security protocols[C]. 13th Computer Security Foundations Workshop. Los Alamitos: IEEE Computer Society Press, 2000,255-268.
5Guttman J D. Security protocol design via authentication tests [C]. 15th IEEE Computer Security Foundations Workshop (CSFW'02). Cape Breton, Canada, IEEE Computer Society Press, 2002,92-103.
6Datta A, Derek A,Mitchell J C,et al. A derivation system for security protocols and its logical formalization [C]. 16th IEEE Computer Security Foundations Workshop. 2003,109-125.
7Clark J, Jacob J. A survey of authentication protocol literature version 1.0[R]. Heslingtan, York: University of York, Department of Computer Science, 1997.
8SPORE. Security protocols library[EB/OL].http://www.lsv.ens-cachan. fr/spore, 2005.12.2
9陶宏才,何大可.基于攻击层次的重放攻击分类[J].西南交通大学学报,2007,42(3):335-339. 被引量：7
10Satyanaraynan M. Integrating security in a large distributed system[J]. ACM Transactions on Computer Systems, 1989, 7 (3) :247-280.

二级参考文献13

1梅其祥,何大可,郑宇.基于Pairing抗选择密文攻击的新门限密码体制[J].西南交通大学学报,2005,40(6):727-730. 被引量：1
2陶宏才,何大可.Sequence Patterns of Identity Authentication Protocols[J].Journal of Southwest Jiaotong University(English Edition),2006,14(3):205-211. 被引量：2
3SYVERSON P.A taxonomy of replay attacks[C]//Proceedings of the 1994 IEEE Computer Security Foundations Workshop Ⅶ.Los Alamitos:IEEE Computer Society Press,1994:187-191.
4KELSEY J,SCHNEIER B,WAGNER D.Protocol interactions and the chosen protocol attack[C]//Proc.of Security Protocols-5th International Workshop,Lecture Notes in Computer Science.Berlin:Springer-Verlag,1997(1 361):91-104.
5CLARK J,JACOB J.A survey of authentication protocol literature:version 1.0[EB/OL].[2002-06-06].http://www-users.cs.york.ac.uk/～jac/under the link"Security Protocols Review",November 1997.
6SPORE.Security protocols library[EB/OL].[2005-12-02],http://www.lsv.ens-cachan.fr/spore.
7NEEDHAM R,SCHROEDER M.Using encryption for authentication in large networks of computers[J].Communications of the ACM,1978,21(12):993-999.
8DENNING D,SACCO G.Timestamps in key distribution protocols[J].Communications of the ACM,1981,24(8):533-536.
9LOWE G.An attack on the Needham-Schroeder public-key authentication protocol[J].Information Processing Letters,1995,56:131-133.
10BURROWS M,ABADI M,NEEDHAM R.A logic of authentication[R].Palo Alto:Digital Systems Research Center,1989.

共引文献6

1袁穗波,李利.星座图法在防护林功能经营区划分中的应用[J].湖南林业科技,2000,27(1):10-15. 被引量：6
2赵军民,王春丽.一种改进的CMP1协议及其Petri网分析[J].河南城建学院学报,2014,23(3):57-63.
3白媛,贾其兰,王倩,张会兵.一种基于预警机制的自适应选择AS-AKA协议[J].天津理工大学学报,2015,31(2):24-29.
4王效武,刘英.基于方向的重放攻击防御机制[J].通信技术,2019,52(6):1500-1503. 被引量：7
5张晓娟,曹靖怡,缪思薇,朱亚运,王海翔,应欢,周亮.电力工控系统攻击渗透技术综述[J].电力信息与通信技术,2021,19(3):49-59. 被引量：11
6钟慧欣,俞洋,张朋伟.针对电力信息物理融合系统的网络攻击综述[J].电脑知识与技术,2023,19(29):100-102. 被引量：1

1陶宏才,何大可.基于攻击层次的重放攻击分类[J].西南交通大学学报,2007,42(3):335-339. 被引量：7
2赵华峰.密码协议中重放攻击的研究[J].科学技术与工程,2008,8(18):5308-5312. 被引量：2
3李景林.CCD驱动方式的比较[J].微计算机信息,2010,26(5):192-193. 被引量：10
4孔令华,赵隆军.钻井现场数据实时传输系统服务器端的设计[J].胜利油田职工大学学报,2005(1):48-49. 被引量：4
5荣京东,田梅.计算机网络黑客攻击技术探析[J].广西科学院学报,2000,16(4):173-178.
6徐川,杜成,唐红.DDoS攻击检测研究综述[J].电信科学,2011,27(3):85-89. 被引量：5
7张云生.数据共享机制形成和建立[J].网管员世界,2010(12):18-19.
8谢旭荣,隋相,刘循英,王岚.深度神经网络建模方法用于数据缺乏的带口音普通话语音识别的研究（英文）[J].集成技术,2015,4(6):26-36.
9王敏琴.遗传算法在基于免疫学原理检测器生成中的应用[J].医疗卫生装备,2006,27(8):52-54.
10袁胜龙,郭武,戴礼荣.基于深层神经网络的藏语识别[J].模式识别与人工智能,2015,28(3):209-213. 被引量：14

小型微型计算机系统

2008年第12期

浏览历史

内容加载中请稍等...

状态绑定的安全协议消息块设计方法

参考文献15

二级参考文献13

共引文献6

相关作者

相关机构

相关主题

浏览历史