在Windows Server 2003中。Kerberos V5身份验证协议提供默认的身份验证服务机制,以及用户访问资源并在该资源上执行任务所必需的身份验证数据。通过缩短Kerberos票证的寿命,可降低攻击者窃取并成功使用合法用户凭据的风险。但这会增...在Windows Server 2003中。Kerberos V5身份验证协议提供默认的身份验证服务机制,以及用户访问资源并在该资源上执行任务所必需的身份验证数据。通过缩短Kerberos票证的寿命,可降低攻击者窃取并成功使用合法用户凭据的风险。但这会增加授权开销。在大多数环境中都不需要更改这些设置。展开更多
Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In...Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In this paper, the security of two matrix-based protocols, proposed by Karthikeyan and Nesterenko (KN protocol) and Ramachandra et al. (RRS protocol) that conform to Electronic Product Code Class-1 Generation-2 (EPC Class-1 Gen-2) standard, are investigated. Using the linear relationship of multiplication of matrix and vector, we point out that both protocols can not provide scalability, and they are vulnerable to passive impersonation attack. In addition, both protocols are totally insecure if the adversary can compromise one tag to extract the secrets. A modified lightweight matrix-based authentication protocol is presented, which can resist mainly common attacks on an RFID authentication system including eavesdropping, relay attack, desynchronization attack, impersonation attack and tag tracking attack. The new protocol also has the desirable scalability property and can keep secure under compromising attack.展开更多
In this paper we propose two quantum secure direct communication (QSDC) protocols with authentication.The authentication key expansion method is introduced to improve the life of the keys with security.In the first sc...In this paper we propose two quantum secure direct communication (QSDC) protocols with authentication.The authentication key expansion method is introduced to improve the life of the keys with security.In the first scheme,the third party, called Trent is introduced to authenticate the users that participate in the communication.He sends thepolarized photons in blocks to authenticate communication parties Alice and Bob using the authentication keys.In thecommunication process, polarized single photons are used to serve as the carriers, which transmit the secret messagesdirectly.The second QSDC process with authentication between two parties is also discussed.展开更多
Security vulnerability of denial of service (DoS) in time out-medium access control (T-MAC) protocol was discussed and analysis of power consumption at each stage of T-MAC protocol was carried out. For power efficient...Security vulnerability of denial of service (DoS) in time out-medium access control (T-MAC) protocol was discussed and analysis of power consumption at each stage of T-MAC protocol was carried out. For power efficient authentication scheme which can provide reliability, efficiency, and security for a general T-MAC communication, a novel synchronization and authentication scheme using authentication masking code was proposed. Authentication data were repeated and masked by PN sequence. The simulation results show that the proposed approach can provide synchronization and authentication simultaneously for nodes in wireless sensor network (WSN). 63 bits AMC code gives above 99.97% synchronization detection and 93.98% authentication data detection probability in BER 0.031 7.展开更多
It is established that a single quantum cryptography protocol usually cooperates with other cryptographicsystems,such as an authentication system,in the real world.However,few protocols have been proposed on how tocom...It is established that a single quantum cryptography protocol usually cooperates with other cryptographicsystems,such as an authentication system,in the real world.However,few protocols have been proposed on how tocombine two or more quantum protocols.To fill this gap,we propose a composed quantum protocol,containing bothquantum identity authentication and quantum key distribution,using squeezed states.Hence,not only the identity canbe verified,but also a new private key can be generated by our new protocol.We also analyze the security under anoptimal attack,and the efficiency,which is defined by the threshold of the tolerant error rate,using Gaussian errorfunction.展开更多
文摘在Windows Server 2003中。Kerberos V5身份验证协议提供默认的身份验证服务机制,以及用户访问资源并在该资源上执行任务所必需的身份验证数据。通过缩短Kerberos票证的寿命,可降低攻击者窃取并成功使用合法用户凭据的风险。但这会增加授权开销。在大多数环境中都不需要更改这些设置。
基金Supported by the Priority Academic Program Development of Jiangsu Higher Education Institutions (PAPD)the National Natural Science Foundation of China (No.60903181)Nanjing University of Posts and Telecommunications Funds (No.NY208072)
文摘Most of the Radio Frequency IDentification (RFID) authentication protocols, proposed to preserve security and privacy, are analysed to show that they can not provide security against some passive or active attacks. In this paper, the security of two matrix-based protocols, proposed by Karthikeyan and Nesterenko (KN protocol) and Ramachandra et al. (RRS protocol) that conform to Electronic Product Code Class-1 Generation-2 (EPC Class-1 Gen-2) standard, are investigated. Using the linear relationship of multiplication of matrix and vector, we point out that both protocols can not provide scalability, and they are vulnerable to passive impersonation attack. In addition, both protocols are totally insecure if the adversary can compromise one tag to extract the secrets. A modified lightweight matrix-based authentication protocol is presented, which can resist mainly common attacks on an RFID authentication system including eavesdropping, relay attack, desynchronization attack, impersonation attack and tag tracking attack. The new protocol also has the desirable scalability property and can keep secure under compromising attack.
基金Supported by the National Fundamental Research Program under Grant No.2010CB923202Specialized Research Fund for the Doctoral Program of Education Ministry of China under Grant No.20090005120008+1 种基金 the Fundamental Research Funds for the Central Universities under Grant No.BUPT2009RC0710 China National Natural Science Foundation under Grant Nos.60871082,60937003 and 10947151
文摘In this paper we propose two quantum secure direct communication (QSDC) protocols with authentication.The authentication key expansion method is introduced to improve the life of the keys with security.In the first scheme,the third party, called Trent is introduced to authenticate the users that participate in the communication.He sends thepolarized photons in blocks to authenticate communication parties Alice and Bob using the authentication keys.In thecommunication process, polarized single photons are used to serve as the carriers, which transmit the secret messagesdirectly.The second QSDC process with authentication between two parties is also discussed.
文摘Security vulnerability of denial of service (DoS) in time out-medium access control (T-MAC) protocol was discussed and analysis of power consumption at each stage of T-MAC protocol was carried out. For power efficient authentication scheme which can provide reliability, efficiency, and security for a general T-MAC communication, a novel synchronization and authentication scheme using authentication masking code was proposed. Authentication data were repeated and masked by PN sequence. The simulation results show that the proposed approach can provide synchronization and authentication simultaneously for nodes in wireless sensor network (WSN). 63 bits AMC code gives above 99.97% synchronization detection and 93.98% authentication data detection probability in BER 0.031 7.
基金Supported by the National Natural Science Foundation of China under Grant No. 60872052
文摘It is established that a single quantum cryptography protocol usually cooperates with other cryptographicsystems,such as an authentication system,in the real world.However,few protocols have been proposed on how tocombine two or more quantum protocols.To fill this gap,we propose a composed quantum protocol,containing bothquantum identity authentication and quantum key distribution,using squeezed states.Hence,not only the identity canbe verified,but also a new private key can be generated by our new protocol.We also analyze the security under anoptimal attack,and the efficiency,which is defined by the threshold of the tolerant error rate,using Gaussian errorfunction.
