计算机科学 ›› 2010, Vol. 37 ›› Issue (3): 83-85.

• 计算机网络与信息安全 • 上一篇    下一篇

认证协议中数据同步的分析

邓淼磊,黄照鹤,杨录山,周利华   

  1. (解放军信息工程大学理学院 郑州450001);(南阳理工学院网络中心 南阳473004);(西安电子科技大学计算机学院 西安710071)
  • 出版日期:2018-12-01 发布日期:2018-12-01
  • 基金资助:
    本文受国防科技预研项目资助。

Data Synchronization of Authentication Protocols

DENG Miao-lei,HUANG Zhao-he,YANG Lu-shan,ZHOU Li-hua   

  • Online:2018-12-01 Published:2018-12-01

摘要: 认证双方数据的同步是认证协议以及认证密钥交换协议的基本要求,但是在协议设计过程中难以把握且经常被忽视。对近年来可证明安全的一个RFID认证协议和一个RFID认证密钥交换协议以及可证明安全的一个移动卫星通信系统认证密钥交换协议进行了仔细分析,分别发现了针对这些协议的数据同步攻击,这些攻击破坏了协议的可用性。最后分别给出了改进方案,以克服存在的安全隐患。

关键词: 认证协议,数据同步,攻击,安全

Abstract: Data synchronization is a basic rectuirement for authentication protocols and authenticated key exchange protocols, but it is much trickier and many times overlooked. By carefully analyzing an RFID authentication protocol, an RFID anthenticated key exchange protocol,and an authenticated key exchange protocol for mobile satellite communicalion systems which were found to be provably secure at present, attacks of data synchronization to these protocols were found respectively. These attacks destroy the availability of protocols. Furthermore, improvements to overcome the security vulnerabilities of these protocols were proposed.

Key words: Authentication protocol,Data synchronization,Attack,Security

No related articles found!
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
No Suggested Reading articles found!