摘要
提出一种基于组播的逻辑心跳时钟以及一种基于跳变秘密的挑战-回应身份鉴别,作为协议的关键,并将逻辑时钟结合到消息的独立双重随机值链.据此,主体的秘密、授权以及消息是一次性有效的;消息是上下文敏感的.形式化分析及实验结果表明,该协议能够完成身份的双向鉴别和授权,能够鉴别成员未经声明就脱离组、抵抗轮内延时或偏向重放以及中间人攻击.
As an essential to the protocol, a muhicast-based logical heartbeat clock and a challenge-response authentication based on secret hopping are presented, and then the logical clock is combined with independence dual nonce chain of the messages. According to the above, the principal's secret, the authorization, and the messages are one-off effectiveness in run; the messages are also context sensitive. The formalization analysis and test result indicate that this protocol can complete the bidirectional authentication and authorization, can authenticate a member who departs from the secret communication without any statement, and can resist straight or deflective run internal replay attacks, as well as the man- in-middle attacks.
出处
《计算机研究与发展》
EI
CSCD
北大核心
2006年第11期1904-1913,共10页
Journal of Computer Research and Development
基金
国家"九七三"重点基础研究发展规划基金项目(2002CB312105)
国家信息关防与网络安全保障可持续发展计划基金项目(2001-技2-B-005
2002-研2-A-007)
关键词
身份鉴别
形式化分析
安全协议
组播
authentication
formalized analysis
security protocol
IP multicast