摘要
近几年,NFC在移动市场发展迅猛,尤其在移动支付领域表现突出,这使得其成为黑客、各大运营商及第三方支付平台关注的焦点,因此它的安全问题也被推到了风口浪尖。针对威胁性较高的中间人攻击和重放攻击提出了一种可证安全的身份验证方案,通过引入带外验证保证注册阶段的安全性,同时通过两次生成的随机数组不会完全一样的特性,让两台设备同时参与认证,保证身份验证阶段的安全性。实验结果表明,该方案能有效地防止中间人攻击和重放攻击,具有较高的安全性。
In recent years, the NFC develops rapidly in the mobile market, particularly in the field of mobile payments, and this makes it the focus of hackers, major carriers and third-party payment platform. Thus its security issue is pushed to the prominent position. This paper proposes a security-verifiable ID authentication scheme for preventing the man- in-the-middle attack and replay attack. And the security of registration phrase is guaranteed by introducing out-of- band authentication. Based on the completely different characteristics of random number groups generated twice, the two devices are made to participate in the certification, thus to ensure the security of the authentication phase. The experiment indicates that this scheme could effectively prevent the man-in-the-middle attack.
出处
《信息安全与通信保密》
2013年第7期69-71,共3页
Information Security and Communications Privacy
