共查询到20条相似文献,搜索用时 14 毫秒
1.
When accessing remote services over public networks, a user authentication mechanism is required because these activities are executed in an insecure communication environment. Recently, Wang et al. proposed an authentication and key agreement scheme preserving the privacy of secret keys and providing user anonymity. Later, Chang et al. indicated that their scheme suffers from two security flaws. First, it cannot resist DoS (denial-of-service) attack because the indicators for the next session are not consistent. Second, the user password may be modified by a malicious attacker because no authentication mechanism is applied before the user password is updated. To eliminate the security flaws and preserve the advantages of Wang et al.'s scheme, we propose an improvement in this paper. 相似文献
2.
In order to remedy the security weaknesses of a robust user authentication framework for wireless sensor networks, an enhanced user authentication framework is presented. The enhanced scheme requires proof of the possession of both a password and a smart card, and provides more security guarantees in two aspects: 1) it addresses the untraceability property so that any third party accessing the communication channel cannot link two authentication sessions originated from the same user, and 2) the use of a smart card prevents offline attacks to guess passwords. The security and efficiency analyses indicate that our enhanced scheme provides the highest level of security at reasonable computational costs. Therefore, it is a practical authentication scheme with attractive security features for wireless sensor networks. 相似文献
3.
4.
客户端-服务器认证协议的匿名性指服务器能够认证客户端的真实性,但无法获知客户端的身份。针对认证协议提出了新的安全性需求—不可链接性,该性质是对匿名性的有益补充。对已有文献中的认证协议进行修正,使其在不降低认证效率的前提下满足不可链接性。修正后的方案同时提供身份保护性、不可链接性、双向认证、密钥协商、密钥更新、会话密钥的后向保密性以及客户端的口令修改功能。 相似文献
5.
6.
Since network services are provided cooperatively by multiple servers in the lnternet, the authentication protocols for multiserver architecture are required by Internetbased services, such as online game, online trade and so on. Recently, Li et al. analyzed Lee et al.'s protocol and proposed an improved dynamic identity based authentication protocol for multi-server architecture. They claimed that their protocol provides user's anonymity, mutual authentication and the session key agreement against several kinds of attacks. In this paper, a cryptanalysis on Lee et al.'s scheme shows that Lee et al's protocol is also vulnerable to malicious server attack, stolen smart card attack and leak-of-verifier attack. Moreover, Li e/ al.'s improved protocol is also vulnerable to all these attacks. Further cryptanalysis reveals that Li et al.'s improved protocol is susceptible to collusion attack. 相似文献
7.
一种基于智能卡的双向身份认证方案 总被引:1,自引:0,他引:1
计算机网络的普及使更多的资源和应用可以利用网络远程获得,所以身份认证问题成为网络安全研究中的重要课题。当前主要的身份认证方法有以下几种:基于口令的身份认证;基于生物特征的身份认证;基于智能卡的身份认证以及几种方式的混合认证。结合密码学和智能卡技术的身份认证方案也被多次提出,许多专家和学者还提出了多种改进的方案。但是,这些方案均会出现一些不可避免的漏洞。针对多种方案的漏洞,该文提出了一种在智能卡中引入公钥密码算法的认证方案,并对其安全性进行了分析,该方案的安全性和优越性也在文中得到体现。 相似文献
8.
针对无线传感器网络(WSN)用户远程安全认证问题,分析现有方案的不足,提出一种新颖的基于智能卡的WSN远程用户认证方案。通过用户、网关节点和传感器节点之间的相互认证来验证用户和节点的合法性,并结合动态身份标识来抵抗假冒攻击、智能卡被盗攻击、服务拒绝攻击、字典攻击和重放攻击。同时对用户信息进行匿名保护,且用户能够任意修改密码。性能比较结果表明,该方案具有较高的安全性能,且具有较小的计算开销。 相似文献
9.
分析了Zhang等提出的身份鉴别方案,指出了其不能抵抗离线口令猜测攻击,以及在登录阶段和验证阶段存在设计缺陷等问题.然后在保留其优点的基础之上,通过引入随机数和增加登录请求信息的方法,提出了一种更加安全可靠的口令认证协议方案.安全性分析结果表明,该方案能够有效抵抗离线口令猜测攻击和假冒攻击,可以实现双向鉴别等特点,增强了系统的安全性和实用性. 相似文献
10.
认证技术是当今网络安全发展的一个重要方向.无线传感器网络由于结点的资源和计算能力的限制,简单有效的认证协议是其需要考虑的重要问题.然而研究发现M.L.Das和Khan的协议都有一些安全缺陷,本文提出了一种适用于无线传感器网络的双因子认证协议,并对协议进行了安全分析和性能测试.结果表明,该协议能应对多种攻击,系统安全性高. 相似文献
11.
Ubiquitous networks provide roaming service for mobile nodes enabling them to use the services extended by their home networks in a foreign network. A mutual authentication scheme between the roamed mobile node and the foreign network is needed to be performed through the home network. Various authentication schemes have been developed for such networks, but most of them failed to achieve security in parallel to computational efficiency. Recently, Shin et al. and Wen et al. separately proposed two efficient authentication schemes for roaming service in ubiquitous networks. Both argued their schemes to satisfy all the security requirements for such systems. However, in this paper, we show that Shin et al. 's scheme is susceptible to: (i) user traceability; (ii) user impersonation; (iii) service provider impersonation attacks; and (iv) session key disclosure. Furthermore, we show that Wen et al. 's scheme is also insecure against: (i) session key disclosure; and (ii) known session key attacks. To conquer the security problems, we propose an improved authentication scheme with anonymity for consumer roaming in ubiquitous networks. The proposed scheme not only improved the security but also retained a lower computational cost as compared with existing schemes. We prove the security of proposed scheme in random oracle model. Copyright © 2015 John Wiley & Sons, Ltd. 相似文献
12.
网络安全中认证协议的分析与比较 总被引:2,自引:0,他引:2
介绍网络安全中身分认证的基本方式,分析比较一次性口令认证、Kerberos认证和公钥认证协议,并指出了它们各自的特点,以便在实际使用中正确选用. 相似文献
13.
14.
Pardeep Kumar Andrei Gurtov Mika Ylianttila Sang‐Gon Lee HoonJae Lee 《ETRI Journal》2013,35(5):889-899
Wireless sensor networks (WSNs) are used for many real‐time applications. User authentication is an important security service for WSNs to ensure only legitimate users can access the sensor data within the network. In 2012, Yoo and others proposed a security‐performance‐balanced user authentication scheme for WSNs, which is an enhancement of existing schemes. In this paper, we show that Yoo and others' scheme has security flaws, and it is not efficient for real WSNs. In addition, this paper proposes a new strong authentication scheme with user privacy for WSNs. The proposed scheme not only achieves end‐party mutual authentication (that is, between the user and the sensor node) but also establishes a dynamic session key. The proposed scheme preserves the security features of Yoo and others' scheme and other existing schemes and provides more practical security services. Additionally, the efficiency of the proposed scheme is more appropriate for real‐world WSNs applications. 相似文献
15.
对目前运行的GSM移动通信系统的安全性及存在问题进行了深入分析,详细讨论了GSM的鉴权机制及算法原理,分析了GSM鉴权过程中可能存在的安全隐患和可能遭到的攻击,由此提出了一种安全智能卡改进方案,可以保证网络资源的安全性. 相似文献
16.
Security in Wireless Communication 总被引:4,自引:0,他引:4
Security is a critical issue in mobile radio applications both forthe users and providers of such systems. Although the same may besaid of all communications systems, mobile application havespecial requirements and vulnerabilities, and are therefore ofspecial concern. Emerging wireless networks share many commoncharacteristics with traditional wire-line networks such as publicswitch telephone/data networks, and hence many security issueswith the wire-line networks also apply to the wirelessenvironment. However the integration of security features intowireless communication must take into account restrictions thatmay apply to their use such as small packet size, low bandwidth,high transmission costs, limited processing and storage resourcesand real time constraints. In this paper security requirements inwireless communications along with security features in 2G and 3Gsystems are described. 相似文献
17.
针对目前车联网认证密钥协商协议效率低下以及车辆公私钥频繁更新的问题,提出一个基于无证书聚合签名的车联网匿名认证与密钥协商协议.本方案通过引入临时身份和预签名机制实现对车辆的隐私保护以及匿名认证,同时通过构建临时身份索引数据库,实现可信中心对可疑车辆的事后追查,满足车辆的条件匿名性要求.此外,本方案中车辆的公私钥不随其临时身份动态改变,有效避免了已有方案公私钥频繁更新带来的系统开销.同时,为了提供高效的批量认证,采用无双线性对的聚合签名技术,实现了车辆签名的动态聚合和转发,有效降低了签名传递的通信量和云服务器的验证开销.本文方案在eCK模型和CDH问题假设下被证明是形式化安全的. 相似文献
18.
Chun Chen Daojing He Sammy Chan Jiajun Bu Yi Gao Rong Fan 《International Journal of Communication Systems》2011,24(3):347-362
Seamless roaming in the global mobility network (GLOMONET) is highly desirable for mobile users, although their proper authentication is challenging. This is because not only are wireless networks susceptible to attacks, but also mobile terminals have limited computational power. Recently, some authentication schemes with anonymity for the GLOMONET have been proposed. This paper shows some security weaknesses in those schemes. Furthermore, a lightweight and provably secure user authentication scheme with anonymity for the GLOMONET is proposed. It uses only symmetric cryptographic and hash operation primitives for secure authentication. Besides, it takes only four message exchanges among the user, foreign agent and home agent. We also demonstrate that this protocol enjoys important security attributes including prevention of various attacks, single registration, user anonymity, user friendly, no password/verifier table, and use of one‐time session key between mobile user and foreign agent. The security properties of the proposed protocol are formally validated by a model checking tool called AVISPA. Furthermore, as one of the new features in our protocol, it can defend smart card security breaches. Copyright © 2010 John Wiley & Sons, Ltd. 相似文献
19.
20.
Authentication is an important service in wireless sensor networks (WSNs) for an unattended environment. Recently, Das proposed a hash‐based authentication protocol for WSNs, which provides more security against the masquerade, stolen‐verifier, replay, and guessing attacks and avoids the threat which comes with having many logged‐in users with the same login‐id. In this paper, we point out one security weakness of Das' protocol in mutual authentication for WSN's preservation between users, gateway‐node, and sensor nodes. To remedy the problem, this paper provides a secrecy improvement over Das' protocol to ensure that a legal user can exercise a WSN in an insecure environment. Furthermore, by presenting the comparisons of security, computation and communication costs, and performances with the related protocols, the proposed protocol is shown to be suitable for higher security WSNs. 相似文献
