摘要
提出了一种高效的可信网络存储协议,协议只需两轮交互就实现了服务器与用户间的身份认证和密钥协商,同时在协议的第一轮交互中实现了对客户端平台身份的认证和平台完整性校验,改进了原来系统服务器遭受攻击易导致整个系统瘫痪的缺点,提高了系统的可靠性和协议的执行效率,在此基础上建立了用户与智能磁盘间的安全信道。最后利用CK模型证明了协议是SK安全的,用户与磁盘间的信道是安全信道,提高了系统数据的保密性、完整性和不可抵赖性。
A provable secure trusted protocol for NASD was proposed. The protocol will achieve authentication, key agreement and secure channel within two rounds among the server, the disks and the user. At the same time, the protocol could realize the platform authentication and platform integrity verification in the first round of protocol interaction, which would improve the efficiency of the protocol, and prevent the server from malicious attacks effectively. The analysis results show that the protocol is SK-secure by using CK model, which would increase the data confidentiality, integrity and no repudiation.
出处
《通信学报》
EI
CSCD
北大核心
2011年第5期169-174,共6页
Journal on Communications
基金
国家科技部重大专项基金资助项目(2011ZX03005-002)
国家自然科学基金资助项目(60872041
61072066)
中央高校基本科研业务费基金资助项目(JY10000903001
JY10000901034)~~
关键词
可证明安全
可信网络接入
NASD
网络存储协议
provable security
trusted network access
network attached secure disks
network storage protocol
