| SSH协议安全性分析及改进 |
| |
| 引用本文: | 林利.SSH协议安全性分析及改进[J].电脑与信息技术,2010,18(2):25-28. |
| |
| 作者姓名: | 林利 |
| |
| 作者单位: | 湖南省电子产品检测分析所,长沙,410001 |
| |
| 摘 要: | SSH因具有良好的框架,支持多种认证通信机制,在远程访问上使用越来越广泛。文章首先介绍了SSH协议的体系框架及通信流程,分析了SSH安全特性,然后研究并指出了SSH协议存在的若干安全缺陷,详细分析了中间人攻击和击键时间间隔分析攻击,最后针对这两种缺陷提出了有效的改进方法。
|
| 关 键 词: | SSH 安全缺陷 中间人 击键时间间隔分析 |
Security Analysis and Improvement on SSH Protocol |
| |
| LIN Li.Security Analysis and Improvement on SSH Protocol[J].Computer and Information Technology,2010,18(2):25-28. |
| |
| Authors: | LIN Li |
| |
| Affiliation: | Hunan Institute of Electronic Products Testing and Analyzing;Changsha 410001;China |
| |
| Abstract: | As a protocol for secure remote access,SSH has nice mechanism to provide mutual authentication for both sides of correspondence,data encryption and integrity protection.However,SSH has many weaknesses.First,it is vulnerable to active man-in-the-middle attacks when users on the client without server's public key login.Second,there are serious security risks of timing analysis of keystrokes and timing attacks.This dissertation detailedly analyses these two methods of attack and points out other weaknesses of ... |
| |
| Keywords: | SSH security weakness man-in-the-middle timing analysis of keystrokes |
| 本文献已被 CNKI 维普 万方数据 等数据库收录! |
