摘要
认证双方数据的同步是认证协议以及认证密钥交换协议的基本要求,但是在协议设计过程中难以把握且经常被忽视。对近年来可证明安全的一个RFID认证协议和一个RFID认证密钥交换协议以及可证明安全的一个移动卫星通信系统认证密钥交换协议进行了仔细分析,分别发现了针对这些协议的数据同步攻击,这些攻击破坏了协议的可用性。最后分别给出了改进方案,以克服存在的安全隐患。
Data synchronization is a basic rectuirement for authentication protocols and authenticated key exchange protocols, but it is much trickier and many times overlooked. By carefully analyzing an RFID authentication protocol, an RFID anthenticated key exchange protocol,and an authenticated key exchange protocol for mobile satellite communicalion systems which were found to be provably secure at present, attacks of data synchronization to these protocols were found respectively. These attacks destroy the availability of protocols. Furthermore, improvements to overcome the security vulnerabilities of these protocols were proposed.
出处
《计算机科学》
CSCD
北大核心
2010年第3期83-85,共3页
Computer Science
基金
国防科技预研项目资助
关键词
认证协议
数据同步
攻击
安全
Authentication protocol, Data synchronization, Attack, Security