期刊文献+

一种面向组播的双向身份鉴别与授权协议

A Protocol of Bidirectional Authentication and Authorization for IP Multicast
下载PDF
导出
摘要 提出一种基于组播的逻辑心跳时钟以及一种基于跳变秘密的挑战-回应身份鉴别,作为协议的关键,并将逻辑时钟结合到消息的独立双重随机值链.据此,主体的秘密、授权以及消息是一次性有效的;消息是上下文敏感的.形式化分析及实验结果表明,该协议能够完成身份的双向鉴别和授权,能够鉴别成员未经声明就脱离组、抵抗轮内延时或偏向重放以及中间人攻击. As an essential to the protocol, a muhicast-based logical heartbeat clock and a challenge-response authentication based on secret hopping are presented, and then the logical clock is combined with independence dual nonce chain of the messages. According to the above, the principal's secret, the authorization, and the messages are one-off effectiveness in run; the messages are also context sensitive. The formalization analysis and test result indicate that this protocol can complete the bidirectional authentication and authorization, can authenticate a member who departs from the secret communication without any statement, and can resist straight or deflective run internal replay attacks, as well as the man- in-middle attacks.
出处 《计算机研究与发展》 EI CSCD 北大核心 2006年第11期1904-1913,共10页 Journal of Computer Research and Development
基金 国家"九七三"重点基础研究发展规划基金项目(2002CB312105) 国家信息关防与网络安全保障可持续发展计划基金项目(2001-技2-B-005 2002-研2-A-007)
关键词 身份鉴别 形式化分析 安全协议 组播 authentication formalized analysis security protocol IP multicast
  • 相关文献

参考文献16

  • 1卿斯汉.安全协议20年研究进展[J].软件学报,2003,14(10):1740-1752. 被引量:117
  • 2P Syverson.A taxonomy of replay attacks[C].In:Proc of the Computer Security Foundations Workshop.Los Alamitos:IEEE Computer Society Press,1994.187-191
  • 3王贵林,卿斯汉,周展飞.认证协议的一些新攻击方法[J].软件学报,2001,12(6):907-913. 被引量:23
  • 4S Deering.Host extensions for IP multicasting (IGMP v1)[OL].RFC 1112,IETF Network Working Group,1989
  • 5W Fenner.Internet Group Management Protocol,Version 2[OL].RFC 2236,IETF Network Working Group,1997
  • 6B Cain,S Deering,I Kouvelas,et al.Internet Group Management Protocol,Version 3[OL].RFC 3376,IETF Network Working Group,2002
  • 7D Harkins,D Carrel.The Internet key exchange (IKE)[OL].RFC 2409,IETF Network Working Group,1998
  • 8C Meadows.Analysis of the Internet key exchange protocol using the NRL protocol analyzer[C].In:Proc of the IEEE Symposium on Security and Privacy.Los Alamitos:IEEE Computer Society Press,1999.84-89
  • 9J Zhou.Further analysis of the Internet key exchange protocol[J].Computer Communications,2000,23(17):1606-1612
  • 10C Kaufman.Distributed Authentication Security Service (DASS)[OL].RFC 1507,IETF Network Working Group,1993

二级参考文献6

共引文献190

相关作者

内容加载中请稍等...

相关机构

内容加载中请稍等...

相关主题

内容加载中请稍等...

浏览历史

内容加载中请稍等...
;
使用帮助 返回顶部