The Transport Layer Security(TLS) protocol is the most important standard on the Internet for key exchange. TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full h...The Transport Layer Security(TLS) protocol is the most important standard on the Internet for key exchange. TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full handshake. The interaction and dependence of different modes may lead to some practical attacks on TLS. In 2014, Bhargavan et al. described a triple handshake attack on TLS 1.2 by exploiting the sequential running of three different modes of TLS, which can lead to a client impersonation attack after the third handshake. Subsequently, TLS 1.2 was patched with the extended master secret extension of RFC 7627 to prevent this attack. In this paper we introduce a new definition of "uniqueness" and present a renegotiable & resumable ACCE security model. We identify the triple handshake attack within the new model, and furthermore show TLS with the proposed fix can be proven secure in our model.展开更多
The Quality of Service (QoS) has received more and more attention since QoS becomes increasingly important in the Internet development. Mobile software agents represent a valid alternative to the implementation of s...The Quality of Service (QoS) has received more and more attention since QoS becomes increasingly important in the Internet development. Mobile software agents represent a valid alternative to the implementation of strategies for the negotiation. In this paper, a QoS negotiation and renegotiation system architecture based on mobile agents is proposed. The agents perform the task in the whole process. Therefore, such a system can reduce the network load, overcome latency, and avoid frequent exchange information between clients and server. The simulation results show that the proposed system could improve the network resource utility about 10%.展开更多
基金supported by the National Grand Fundamental Research (973) Program of China under Grant 2013CB338003the National Natural Science Foundation of China (NSFC) under Grants U1536205, 61170279 and 61572485
文摘The Transport Layer Security(TLS) protocol is the most important standard on the Internet for key exchange. TLS standard supports many additional handshake modes such as resumption and renegotiation besides the full handshake. The interaction and dependence of different modes may lead to some practical attacks on TLS. In 2014, Bhargavan et al. described a triple handshake attack on TLS 1.2 by exploiting the sequential running of three different modes of TLS, which can lead to a client impersonation attack after the third handshake. Subsequently, TLS 1.2 was patched with the extended master secret extension of RFC 7627 to prevent this attack. In this paper we introduce a new definition of "uniqueness" and present a renegotiable & resumable ACCE security model. We identify the triple handshake attack within the new model, and furthermore show TLS with the proposed fix can be proven secure in our model.
基金Supported by Universities Natural Science Research Project of Jiangsu Province (No. 05KJB510101).
文摘The Quality of Service (QoS) has received more and more attention since QoS becomes increasingly important in the Internet development. Mobile software agents represent a valid alternative to the implementation of strategies for the negotiation. In this paper, a QoS negotiation and renegotiation system architecture based on mobile agents is proposed. The agents perform the task in the whole process. Therefore, such a system can reduce the network load, overcome latency, and avoid frequent exchange information between clients and server. The simulation results show that the proposed system could improve the network resource utility about 10%.
