Articoli di riviste sul tema "Security protocol"
Segui questo link per vedere altri tipi di pubblicazioni sul tema: Security protocol.
Cita una fonte nei formati APA, MLA, Chicago, Harvard e in molti altri stili
Vedi i top-50 articoli di riviste per l'attività di ricerca sul tema "Security protocol".
Accanto a ogni fonte nell'elenco di riferimenti c'è un pulsante "Aggiungi alla bibliografia". Premilo e genereremo automaticamente la citazione bibliografica dell'opera scelta nello stile citazionale di cui hai bisogno: APA, MLA, Harvard, Chicago, Vancouver ecc.
Puoi anche scaricare il testo completo della pubblicazione scientifica nel formato .pdf e leggere online l'abstract (il sommario) dell'opera se è presente nei metadati.
Vedi gli articoli di riviste di molte aree scientifiche e compila una bibliografia corretta.
1
Younes, Osama, e Umar Albalawi. "Securing Session Initiation Protocol". Sensors 22, n. 23 (23 novembre 2022): 9103. http://dx.doi.org/10.3390/s22239103.
Testo completoAbstract (sommario):
The session initiation protocol (SIP) is widely used for multimedia communication as a signaling protocol for managing, establishing, maintaining, and terminating multimedia sessions among participants. However, SIP is exposed to a variety of security threats. To overcome the security flaws of SIP, it needs to support a number of security services: authentication, confidentiality, and integrity. Few solutions have been introduced in the literature to secure SIP, which can support these security services. Most of them are based on internet security standards and have many drawbacks. This work introduces a new protocol for securing SIP called secure-SIP (S-SIP). S-SIP consists of two protocols: the SIP authentication (A-SIP) protocol and the key management and protection (KP-SIP) protocol. A-SIP is a novel mutual authentication protocol. KP-SIP is used to secure SIP signaling messages and exchange session keys among entities. It provides different security services for SIP: integrity, confidentiality, and key management. A-SIP is based on the secure remote password (SRP) protocol, which is one of standard password-based authentication protocols supported by the transport layer security (TLS) standard. However, A-SIP is more secure and efficient than SRP because it covers its security flaws and weaknesses, which are illustrated and proven in this work. Through comprehensive informal and formal security analyses, we demonstrate that S-SIP is secure and can address SIP vulnerabilities. In addition, the proposed protocols were compared with many related protocols in terms of security and performance. It was found that the proposed protocols are more secure and have better performance.
2
Rekha, H., e M. Siddappa. "Model Checking M2M and Centralised IOT authentication Protocols." Journal of Physics: Conference Series 2161, n. 1 (1 gennaio 2022): 012042. http://dx.doi.org/10.1088/1742-6596/2161/1/012042.
Testo completoAbstract (sommario):
Abstract It is very difficult to develop a perfect security protocol for communication over the IoT network and developing a reliable authentication protocol requires a detailed understanding of cryptography. To ensure the reliability of security protocols of IoT, the validation method is not a good choice because of its several disadvantages and limitations. To prove the high reliability of Cryptographic Security Protocols(CSP) for IoT networks, the functional correctness of security protocols must be proved secure mathematically. Using the Formal Verification technique we can prove the functional correctness of IoT security protocols by providing the proofs mathematically. In this work, The CoAP Machine to Machine authentication protocol and centralied IoT network Authentication Protocol RADIUS is formally verified using the well-known verification technique known as model checking technique and we have used the Scyther model checker for the verification of security properties of the respective protocols. The abstract protocol models of the IoT authentication protocols were specified in the security protocol description language and the security requirements of the authentication protocols were specified as claim events.
3
Günther, Felix. "Modeling advanced security aspects of key exchange and secure channel protocols". it - Information Technology 62, n. 5-6 (16 dicembre 2020): 287–93. http://dx.doi.org/10.1515/itit-2020-0029.
Testo completoAbstract (sommario):
AbstractSecure connections are at the heart of today’s Internet infrastructure, protecting the confidentiality, authenticity, and integrity of communication. Achieving these security goals is the responsibility of cryptographic schemes, more specifically two main building blocks of secure connections. First, a key exchange protocol is run to establish a shared secret key between two parties over a, potentially, insecure connection. Then, a secure channel protocol uses that shared key to securely transport the actual data to be exchanged. While security notions for classical designs of these components are well-established, recently developed and standardized major Internet security protocols like Google’s QUIC protocol and the Transport Layer Security (TLS) protocol version 1.3 introduce novel features for which supporting security theory is lacking.In my dissertation [20], which this article summarizes, I studied these novel and advanced design aspects, introducing enhanced security models and analyzing the security of deployed protocols. For key exchange protocols, my thesis introduces a new model for multi-stage key exchange to capture that recent designs for secure connections establish several cryptographic keys for various purposes and with differing levels of security. It further introduces a formalism for key confirmation, reflecting a long-established practical design criteria which however was lacking a comprehensive formal treatment so far. For secure channels, my thesis captures the cryptographic subtleties of streaming data transmission through a revised security model and approaches novel concepts to frequently update key material for enhanced security through a multi-key channel notion. These models are then applied to study (and confirm) the security of the QUIC and TLS 1.3 protocol designs.
4
He, Xudong, Jiabing Liu, Chin-Tser Huang, Dejun Wang e Bo Meng. "A Security Analysis Method of Security Protocol Implementation Based on Unpurified Security Protocol Trace and Security Protocol Implementation Ontology". IEEE Access 7 (2019): 131050–67. http://dx.doi.org/10.1109/access.2019.2940512.
Testo completo
5
Nam, Junghyun, Kim-Kwang Raymond Choo, Minkyu Park, Juryon Paik e Dongho Won. "On the Security of a Simple Three-Party Key Exchange Protocol without Server’s Public Keys". Scientific World Journal 2014 (2014): 1–7. http://dx.doi.org/10.1155/2014/479534.
Testo completoAbstract (sommario):
Authenticated key exchange protocols are of fundamental importance in securing communications and are now extensively deployed for use in various real-world network applications. In this work, we reveal major previously unpublished security vulnerabilities in the password-based authenticated three-party key exchange protocol according to Lee and Hwang (2010): (1) the Lee-Hwang protocol is susceptible to a man-in-the-middle attack and thus fails to achieve implicit key authentication; (2) the protocol cannot protect clients’ passwords against an offline dictionary attack; and (3) the indistinguishability-based security of the protocol can be easily broken even in the presence of a passive adversary. We also propose an improved password-based authenticated three-party key exchange protocol that addresses the security vulnerabilities identified in the Lee-Hwang protocol.
6
Amin, Ruhul, SK Hafizul Islam, Muhammad Khurram Khan, Arijit Karati, Debasis Giri e Saru Kumari. "A Two-Factor RSA-Based Robust Authentication System for Multiserver Environments". Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/5989151.
Testo completoAbstract (sommario):
The concept of two-factor multiserver authentication protocol was developed to avoid multiple number of registrations using multiple smart-cards and passwords. Recently, a variety of two-factor multiserver authentication protocols have been developed. It is observed that the existing RSA-based multiserver authentication protocols are not suitable in terms of computation complexities and security attacks. To provide lower complexities and security resilience against known attacks, this article proposes a two-factor (password and smart-card) user authentication protocol with the RSA cryptosystem for multiserver environments. The comprehensive security discussion proved that the known security attacks are eliminated in our protocol. Besides, our protocol supports session key agreement and mutual authentication between the application server and the user. We analyze the proof of correctness of the mutual authentication and freshness of session key using the BAN logic model. The experimental outcomes obtained through simulation of the Automated Validation of Internet Security Protocols and Applications (AVISPA) S/W show that our protocol is secured. We consider the computation, communication, and storage costs and the comparative explanations show that our protocol is flexible and efficient compared with protocols. In addition, our protocol offers security resilience against known attacks and provides lower computation complexities than existing protocols. Additionally, the protocol offers password change facility to the authorized user.
7
Ko, Yongho, Jiyoon Kim, Daniel Gerbi Duguma, Philip Virgil Astillo, Ilsun You e Giovanni Pau. "Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone". Sensors 21, n. 6 (15 marzo 2021): 2057. http://dx.doi.org/10.3390/s21062057.
Testo completoAbstract (sommario):
Unmanned Aerial Vehicle (UAV) plays a paramount role in various fields, such as military, aerospace, reconnaissance, agriculture, and many more. The development and implementation of these devices have become vital in terms of usability and reachability. Unfortunately, as they become widespread and their demand grows, they are becoming more and more vulnerable to several security attacks, including, but not limited to, jamming, information leakage, and spoofing. In order to cope with such attacks and security threats, a proper design of robust security protocols is indispensable. Although several pieces of research have been carried out with this regard, there are still research gaps, particularly concerning UAV-to-UAV secure communication, support for perfect forward secrecy, and provision of non-repudiation. Especially in a military scenario, it is essential to solve these gaps. In this paper, we studied the security prerequisites of the UAV communication protocol, specifically in the military setting. More importantly, a security protocol (with two sub-protocols), that serves in securing the communication between UAVs, and between a UAV and a Ground Control Station, is proposed. This protocol, apart from the common security requirements, achieves perfect forward secrecy and non-repudiation, which are essential to a secure military communication. The proposed protocol is formally and thoroughly verified by using the BAN-logic (Burrow-Abadi-Needham logic) and Scyther tool, followed by performance evaluation and implementation of the protocol on a real UAV. From the security and performance evaluation, it is indicated that the proposed protocol is superior compared to other related protocols while meeting confidentiality, integrity, mutual authentication, non-repudiation, perfect forward secrecy, perfect backward secrecy, response to DoS (Denial of Service) attacks, man-in-the-middle protection, and D2D (Drone-to-Drone) security.
8
Wang, Ying Lian, e Jun Yao Ye. "Research on Applied-Information Technology in Hierarchical Network Security Protocols Designing Based on Public Key". Advanced Materials Research 951 (maggio 2014): 169–72. http://dx.doi.org/10.4028/www.scientific.net/amr.951.169.
Testo completoAbstract (sommario):
This paper proposed an applied-information technology in hierarchical network security protocols designing model based on public key, the designing of the protocols is to be completed in several layers. Each sub-protocol achieved a sub-goal that it should complete, and provided data interface to a higher sub-protocol. And then merged the sub-protocol of each layer, to complete the protocols designing. In the previous research, the security of the protocol in applied-information technology was always regarded as a whole, which caused the protocols designing to be tremendous complexity. The hierarchical model in applied-information technology simplifies the process of security protocols designing, and make the protocols designing more clear or less cost, the security proof more simpler.
9
Du, Jinze, Chengtai Gao e Tao Feng. "Formal Safety Assessment and Improvement of DDS Protocol for Industrial Data Distribution Service". Future Internet 15, n. 1 (31 dicembre 2022): 24. http://dx.doi.org/10.3390/fi15010024.
Testo completoAbstract (sommario):
The Data Distribution Service (DDS) for real-time systems is an industrial Internet communication protocol. Due to its distributed high reliability and the ability to transmit device data communication in real-time, it has been widely used in industry, medical care, transportation, and national defense. With the wide application of various protocols, protocol security has become a top priority. There are many studies on protocol security, but these studies lack a formal security assessment of protocols. Based on the above status, this paper evaluates and improves the security of the DDS protocol using a model detection method combining the Dolev–Yao attack model and the Coloring Petri Net (CPN) theory. Because of the security loopholes in the original protocol, a timestamp was introduced into the original protocol, and the shared key establishment process in the original protocol lacked fairness and consistency. We adopted a new establishment method to establish the shared secret and re-verified its security. The results show that the overall security of the protocol has been improved by 16.7% while effectively preventing current replay attack.
10
Bala, Suman, Gaurav Sharma, Hmani Bansal e Tarunpreet Bhatia. "On the Security of Authenticated Group Key Agreement Protocols". Scalable Computing: Practice and Experience 20, n. 1 (9 marzo 2019): 93–99. http://dx.doi.org/10.12694/scpe.v20i1.1440.
Testo completoAbstract (sommario):
The group key agreement protocol enables to derive a shared session key for the remote members to communicate securely. Recently, several attempts are made to utilize group key agreement protocols for secure multicasting in Internet of Things. This paper contributes to identify the security vulnerabilities in the existing protocols, to avoid them in future constructions. The protocols presented by Gupta and Biswas have been found insecure to ephemeral secret key leakage (ESL) attack and also, malicious insiders can impersonate an honest participant. Additionally, the protocol presented by Tan is also ESL-insecure. We also present a fix to the Tan's protocol to make it secure.
11
Ding, Xia Jun, Xiao Dan Jiang e Yue Zhai Zheng. "The Research and Implementation of E-Commerce Secure Payment Protocol". Advanced Materials Research 267 (giugno 2011): 74–79. http://dx.doi.org/10.4028/www.scientific.net/amr.267.74.
Testo completoAbstract (sommario):
To implement e-commerce, the key issue is to ensure that the security of system on entire business process, primarily through encryption, security, security agreement to guarantee the e-commerce network security. The security protocol mainly used Secure Sockets Layer Protocol and Secure Electronic Transaction. In this paper, after analysis two kinds of protocol and the security technology used in the protocol, put forward a small scale enterprise e-commerce transaction system design of network security protocols, which play a reference role to small and medium enterprises engaged in electronic commerce and transaction security.
12
Kang, Burong, Xinyu Meng, Lei Zhang e Yinxia Sun. "Nonce-Based Key Agreement Protocol Against Bad Randomness". International Journal of Foundations of Computer Science 30, n. 04 (giugno 2019): 619–33. http://dx.doi.org/10.1142/s0129054119400161.
Testo completoAbstract (sommario):
Most of the existing cryptographic schemes, e.g., key agreement protocol, call for good randomness. Otherwise, the security of these cryptographic schemes cannot be fully guaranteed. Nonce-based cryptosystem is recently introduced to improve the security of public key encryption and digital signature schemes by ensuring security when randomness fails. In this paper, we first investigate the security of key agreement protocols when randomness fails. Then we define the security model for nonce-based key agreement protocols and propose a nonce-based key agreement protocol that protects against bad randomness. The new protocol is proven to be secure in our proposed security model.
13
Liu, Shanpeng, Xiong Li, Fan Wu, Junguo Liao, Jin Wang e Dingbao Lin. "A Novel Authentication Protocol with Strong Security for Roaming Service in Global Mobile Networks". Electronics 8, n. 9 (26 agosto 2019): 939. http://dx.doi.org/10.3390/electronics8090939.
Testo completoAbstract (sommario):
In today’s society, Global Mobile Networks (GLOMONETs) have become an important network infrastructure that provides seamless roaming service for mobile users when they leave their home network. Authentication is an essential mechanism for secure communication among the mobile user, home network, and foreign network in GLOMONET. Recently, Madhusudhan and Shashidhara presented a lightweight authentication protocol for roaming application in GLOMONET. However, we found their protocol not only has design flaws, but is also vulnerable to many attacks. To address these weaknesses, this paper proposes a novel authentication protocol with strong security for GLOMONET based on previous work. The fuzzy verifier technique makes the protocol free from smart card breach attack, while achieving the feature of local password change. Moreover, the computational intractability of the Discrete Logarithm Problem (DLP) guarantees the security of the session key. The security of the protocol is verified by the ProVerif tool. Compared with other related protocols, our protocol achieves a higher level of security at the expense of small increases in computational cost and communication cost. Therefore, it is more suitable for securing the roaming application in GLOMONET.
14
Lu, Jintian, Lili Yao, Xudong He, Chintser Huang, Dejun Wang e Bo Meng. "A Security Analysis Method for Security Protocol Implementations Based on Message Construction". Applied Sciences 8, n. 12 (8 dicembre 2018): 2543. http://dx.doi.org/10.3390/app8122543.
Testo completoAbstract (sommario):
Security protocols are integral to the protection of cyberspace against malicious attacks. Therefore, it is important to be confident in the security of a security protocol. In previous years, people have worked on security of security protocol abstract specification. However, in recent years, people have found that this is not enough and have begun focusing on security protocol implementation. In order to evaluate the security of security protocol implementations, in this paper, firstly, we proposed the Message Construction to Security Protocol Implementation (MCSPI), a message construction method based on application programming interface (API) traces, which automatically generates the constructed client valid request messages. Then, we presented the Security Analysis Scheme (SAS), a security analysis scheme that generates an abstract model of a security protocol server. Next, we proposed a security analysis method to evaluate the security of security protocol implementations on the basis of constructed client request messages generated with MCSPI, corresponding to the server-side response message and server-side abstract model produced by SAS. Finally, we implemented the Security Protocol Implementation Analysis (SPIA) tool to generate client valid request messages and a server-side abstract model to assist in evaluating security protocol implementations. In our experiments, we tested Tencent QQ mail system version 2017 and RSAAuth system and found that RSAAuth is vulnerable and its server has only security checks for user password, while Tencent QQ mail system version 2017 is more secure and has strong security restrictions at server-side besides security checks for user password.
15
Zhang, Ke, Kai Xu e Fushan Wei. "A Provably Secure Anonymous Authenticated Key Exchange Protocol Based on ECC for Wireless Sensor Networks". Wireless Communications and Mobile Computing 2018 (16 luglio 2018): 1–9. http://dx.doi.org/10.1155/2018/2484268.
Testo completoAbstract (sommario):
In wireless sensor networks, users sometimes need to retrieve real-time data directly from the sensor nodes. Many authentication protocols are proposed to address the security and privacy aspects of this scenario. However, these protocols still have security loopholes and fail to provide strong user anonymity. In order to overcome these shortcomings, we propose an anonymous authenticated key exchange protocol based on Elliptic Curves Cryptography (ECC). The novel protocol provides strong user anonymity such that even the gateway node and the sensor nodes do not know the real identity of the user. The security of the proposed protocol is conducted in a well-defined security model under the CDH assumption. Compared with other related protocols, our protocol is efficient in terms of communication and enjoys stronger security. The only disadvantage is that our protocol consumes more computation resources due to the usage of asymmetric cryptography mechanisms to realize strong anonymity. Consequently, our protocol is suitable for applications which require strong anonymity and high security in wireless sensor networks.
16
Wu, Fusheng, Huanguo Zhang, Wengqing Wang, Jianwei Jia e Shi Yuan. "A New Method to Analyze the Security of Protocol Implementations Based on Ideal Trace". Security and Communication Networks 2017 (2017): 1–15. http://dx.doi.org/10.1155/2017/7042835.
Testo completoAbstract (sommario):
The security analysis of protocols on theory level cannot guarantee the security of protocol implementations. To solve this problem, researchers have done a lot, and many achievements have been reached in this field, such as model extraction and code generation. However, the existing methods do not take the security of protocol implementations into account. In this paper, we have proposed to exploit the traces of function return values to analyze the security of protocol implementations at the source code level. Taking classic protocols into consideration, for example (like the Needham-Schroeder protocol and the Diffie-Hellman protocol, which cannot resist man-in-the-middle attacks), we have analyzed man-in-the-middle attacks during the protocol implementations and have carried out experiments. It has been shown in the experiments that our new method works well. Different from other methods of analyzing the security of protocol implementations in the literatures, our new method can avoid some flaws of program languages (like C language memory access, pointer analysis, etc.) and dynamically analyze the security of protocol implementations.
17
Chen, Xiaojuan, e Huiwen Deng. "Efficient Verification of Cryptographic Protocols with Dynamic Epistemic Logic". Applied Sciences 10, n. 18 (21 settembre 2020): 6577. http://dx.doi.org/10.3390/app10186577.
Testo completoAbstract (sommario):
The security of cryptographic protocols has always been an important issue. Although there are various verification schemes of protocols in the literature, efficiently and accurately verifying cryptographic protocols is still a challenging research task. In this work, we develop a formal method based on dynamic epistemic logic to analyze and describe cryptographic protocols. In particular, we adopt the action model to depict the execution process of the protocol. To verify the security, the intruder’s actions are analyzed. We model exactly the protocol applying our formal language and give the verification models according to the security requirements of this cryptographic protocol. With analysis and proof on a selected example, we show the usefulness of our method. The result indicates that the selected protocol meets the security requirements.
18
Lu, Siqi, Qingdi Han, Xuyang Miao e Yubo Liu. "Research on Security Protocol Analysis Tool SmartVerif". Journal of Physics: Conference Series 2132, n. 1 (1 dicembre 2021): 012022. http://dx.doi.org/10.1088/1742-6596/2132/1/012022.
Testo completoAbstract (sommario):
Abstract Security protocols have been designed to protect the security of the network. However, many security protocols cannot guarantee absolute security in real applications. Therefore, security tests of the network protocol become particularly important. In this paper, firstly, we introduce SmartVerif, which is the first formal analysis tool to automatically verify the security of protocols through dynamic strategies. And then, we use SmartVerif to verify the pseudo-randomness of the encapsulated key of the Two-Pass AKE protocol, which was proposed by Liu’s in ASIACRYPT in 2020. Finally, we summary our work and show some limitations of SmartVerif. At the same time, we also point out the direction for future improvement of SmartVerif.
19
He, Lei, Yong Gan, Na Na Li e Tao Zhang. "A Revised Serverless Authentication Protocol with Forward Security for RFID". Applied Mechanics and Materials 29-32 (agosto 2010): 2267–72. http://dx.doi.org/10.4028/www.scientific.net/amm.29-32.2267.
Testo completoAbstract (sommario):
Information security problem has become one of the hottest issues in RFID system. More and more researchers begin to study how to provide security protection in the RFID system. In the paper, we mainly research lightweight authentication protocols in RFID system. Firstly, we analyze some protocols. Secondly, we introduce a serverless authentication protocol for RFID system and analyze its security. We find it does not provide forward security. Thirdly, we propose a revised serverless authentication protocol with forward security. It provides two-way authentication and privacy protection, resists tracking and cloning attack as well as the original protocol. Moreover, it provides forward security protection and resists desynchronization attack. For the efficiency, its computational complexity is at the same level with the protocol proposed by Tan et al.
20
Xiao, Meihua, Weiwei Song, Ke Yang, Ri OuYang e Hanyu Zhao. "Formal Analysis of the Security Protocol with Timestamp Using SPIN". Computational Intelligence and Neuroscience 2022 (23 agosto 2022): 1–11. http://dx.doi.org/10.1155/2022/2420590.
Testo completoAbstract (sommario):
The verification of security protocols is an important basis for network security. Now, some security protocols add timestamps to messages to defend against replay attacks by network intruders. Therefore, verifying the security properties of protocols with timestamps is of great significance to ensure network security. However, previous formal analysis method of such protocols often extracted timestamps into random numbers in order to simplify the model before modeling and verification, which probably cause time-dependent security properties that are ignored. To solve this problem, a method for verifying security protocols with timestamps using model checking technique is proposed in this paper. To preserve the time-dependent properties of the protocol, Promela (process meta language) is utilized to define global clock representing the protocol system time, timer representing message transmission time, and the clock function representing the passage of time; in addition, a mechanism for checking timestamps in messages is built using Promela. To mitigate state space explosion in model checking, we propose a vulnerable channel priority method of using Promela to build intruder model. We take the famous WMF protocol as an example by modeling it with Promela and verifying it with model checker SPIN (Simple Promela Interpreter), and we have successfully found two attacks in the protocol. The results of our work can make some security schemes based on WMF protocol used in the Internet of things or other fields get security alerts. The results also show that our method is effective, and it can provide a direction for the analysis of other security protocols with timestamp in many fields.
21
Bedarkar, Poonam, e Atul Halmare. "Security System for Car using CAN Protocol". International Journal of Trend in Scientific Research and Development Volume-2, Issue-2 (28 febbraio 2018): 4–8. http://dx.doi.org/10.31142/ijtsrd8272.
Testo completo
22
Lv, Jiaxian, Yi Wang, Jinshu Su, Rongmao Chen e Wenjun Wu. "Security of Auditing Protocols Against Subversion Attacks". International Journal of Foundations of Computer Science 31, n. 02 (febbraio 2020): 193–206. http://dx.doi.org/10.1142/s0129054120500033.
Testo completoAbstract (sommario):
In 2013, the revelation of Edward Snowden rekindled cryptographic researchers’ interest in subversion attacks. Since then, many works have been carried out to explore the power of subversion attacks and feasible effective countermeasures as well. In this work, we investigate the study of subversion attacks against cloud auditing protocol, which has been well-known as useful primitive for secure cloud storage. We demonstrate that subverted auditing protocol enables the cloud server to recover secret information stored on the data owner side. Particularly, we first define an asymmetric subversion attack model for auditing protocol. This model serves as the principle for analyzing the undetectability and key recovery of subversion attacks against auditing protocols. We then show a general framework of asymmetric subversion attacks against auditing protocols with index-coefficient challenge. To illustrate the feasibility of our paradigm, several concrete auditing protocols are provided. As a feasible countermeasure, we propose a subversion-resilient auditing protocol with index-coefficient challenge.
23
Oh, JiHyeon, SungJin Yu, JoonYoung Lee, SeungHwan Son, MyeongHyun Kim e YoungHo Park. "A Secure and Lightweight Authentication Protocol for IoT-Based Smart Homes". Sensors 21, n. 4 (21 febbraio 2021): 1488. http://dx.doi.org/10.3390/s21041488.
Testo completoAbstract (sommario):
With the information and communication technologies (ICT) and Internet of Things (IoT) gradually advancing, smart homes have been able to provide home services to users. The user can enjoy a high level of comfort and improve his quality of life by using home services provided by smart devices. However, the smart home has security and privacy problems, since the user and smart devices communicate through an insecure channel. Therefore, a secure authentication protocol should be established between the user and smart devices. In 2020, Xiang and Zheng presented a situation-aware protocol for device authentication in smart grid-enabled smart home environments. However, we demonstrate that their protocol can suffer from stolen smart device, impersonation, and session key disclosure attacks and fails to provide secure mutual authentication. Therefore, we propose a secure and lightweight authentication protocol for IoT-based smart homes to resolve the security flaws of Xiang and Zheng’s protocol. We proved the security of the proposed protocol by performing informal and formal security analyses, using the real or random (ROR) model, Burrows–Abadi–Needham (BAN) logic, and the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Moreover, we provide a comparison of performance and security properties between the proposed protocol and related existing protocols. We demonstrate that the proposed protocol ensures better security and lower computational costs than related protocols, and is suitable for practical IoT-based smart home environments.
24
Peng, She Qiang, e Long Wang. "Research on RFID Multi-Authentication Protocol Based on Hash Function". Applied Mechanics and Materials 427-429 (settembre 2013): 2403–7. http://dx.doi.org/10.4028/www.scientific.net/amm.427-429.2403.
Testo completoAbstract (sommario):
To address the security problems caused by the fake readers, and the weakness of low authentication protocol efficiency, a new RFID security authentication protocol based on Hash function is proposed. The security ability of the protocol is compared with other protocols' and is proved by doing the formal analysis. The theoretical analysis and formal proof is presented to prove the security ability of the protocol. Consequently, the result showed that the new protocol could protect the data privacy, achieve the data synchronization, prevent the tag from location tracking, avoid information reproduction, prevent clone and counterfeit and possess forward security ability which was useful for low-cost tags.
25
Li, Fu Lin, Jie Yang, Hong Wei Zhou e Ying Liu. "A New Dynamic Protocol Analysis Model". Advanced Materials Research 765-767 (settembre 2013): 1761–65. http://dx.doi.org/10.4028/www.scientific.net/amr.765-767.1761.
Testo completoAbstract (sommario):
Traditional static analysis methods such as formal validation and theorem proving were used to analyze protocols security previously. These methods can not measure and evaluate actual security of protocols accurately for the setting and suppose are far from the actual conditions. This paper proposes a new dynamic protocol analysis model. The system based on the model can be used to active test in actual running conditions, analyze known protocols security, integrity, robustness, and analyze unknown protocols online, provide support for protocol designer. The systems structure, working flow and implementation of key modules are described. The experimental results validate the validity of the models design.
26
Radack, Shirley, e Rick Kuhn. "Managing Security: The Security Content Automation Protocol". IT Professional 13, n. 1 (gennaio 2011): 9–11. http://dx.doi.org/10.1109/mitp.2011.11.
Testo completo
27
Liu, Defu, Guowu Yang, Yong Huang e Jinzhao Wu. "Inductive Method for Evaluating RFID Security Protocols". Wireless Communications and Mobile Computing 2019 (11 aprile 2019): 1–8. http://dx.doi.org/10.1155/2019/2138468.
Testo completoAbstract (sommario):
Authentication protocol verification is a difficult problem. The problem of “state space explosion” has always been inevitable in the field of verification. Using inductive characteristics, we combine mathematical induction and model detection technology to solve the problem of “state space explosion” in verifying the OSK protocol and VOSK protocol of RFID system. In this paper, the security and privacy of protocols in RFID systems are studied and analysed to verify the effectiveness of the combination of mathematical induction and model detection. We design a (r,s,t)-security experiment on the basis of privacy experiments in the RFID system according to the IND-CPA security standard in cryptography, using mathematical induction to validate the OSK protocol and VOSK protocol. Finally, the following conclusions are presented. The OSK protocol cannot resist denial of service attacks or replay attacks. The VOSK protocol cannot resist denial of service attacks but can resist replay attacks. When there is no limit on communication, the OSK protocol and VOSK protocol possess (r,s,t)-privacy; that is to say they can resist denial of service attacks.
28
Abu Dhailah, Hala, Eyad Taqieddin e Abdallah Alma'aitah. "An Enhanced and Resource-Aware RFID Multitag Grouping Protocol". Security and Communication Networks 2019 (23 maggio 2019): 1–15. http://dx.doi.org/10.1155/2019/6862052.
Testo completoAbstract (sommario):
Several grouping proof protocols were presented to meet the security requirements of Radio Frequency Identification Systems. Nevertheless, these protocols were shown to be vulnerable to various attacks. In this work, we cryptanalyze one of the newest grouping proof protocols. Through this analysis, we show the weaknesses of the protocol and launch a full-disclosure attack to disclose all secrets in the protocol. We show that the probability of success of the protocol is one and that increasing the length of the strings adds little complexity to the attack. We follow this by proposing an enhanced version of the protocol with better overall security. We show its efficiency by providing a security and performance analysis and comparing it with some of the existing protocols in the literature.
29
Chevalier, Yannick, e Michaël Rusinowitch. "Implementing Security Protocol Monitors". Electronic Proceedings in Theoretical Computer Science 342 (6 settembre 2021): 22–34. http://dx.doi.org/10.4204/eptcs.342.3.
Testo completo
30
Thomas, J., e A. J. Elbirt. "Understanding Internet Protocol Security". Information Systems Security 13, n. 4 (settembre 2004): 39–43. http://dx.doi.org/10.1201/1086/44640.13.4.20040901/83731.6.
Testo completo
31
Benson, Glenn. "Portable security transaction protocol". Computer Networks 51, n. 3 (febbraio 2007): 751–66. http://dx.doi.org/10.1016/j.comnet.2006.06.004.
Testo completo
32
Thammarat, Chalee. "Efficient and Secure NFC Authentication for Mobile Payment Ensuring Fair Exchange Protocol". Symmetry 12, n. 10 (9 ottobre 2020): 1649. http://dx.doi.org/10.3390/sym12101649.
Testo completoAbstract (sommario):
The standard protocol of near field communication (NFC) has concentrated primarily on the speed of communication while ignoring security properties. Message between an NFC-enabled smartphone and a point of sale are exchanged over the air (OTA), which is a message considered an authentication request for payment, billing, ticketing, loyalty services, identification or access control. An attacker who has an antenna can intercept or manipulate the exchanged messages to take advantage of these. In order to solve this problem, many researchers have suggested authentication methods for NFC communications. However, these remain inadequate transaction security and fairness. In this paper, we will propose a technique that ensures mutual authentication, security properties, and strong fairness. Mutual authentication is a security property that prevents replay attacks and man-in-the-middle attacks. Both fair exchange and transaction security are also significant issues in electronic transactions with regards to creating trust among the parties participating in the transaction. The suggested protocol deploys a secure offline session key generation technique to increase transaction security and, importantly, make our protocol lightweight while maintaining the fairness property. Our analysis suggests that our protocol is more effective than others regarding transaction security, fairness, and lightweight protocol. The proposed protocol checks robustness and soundness using Burrows, Abadi and Needham (BAN) logic, the Scyther tool, and automated validation of internet security protocols and applications (AVISPA) that provide formal proofs for security protocols. Furthermore, our protocol can resolve disputes in case one party misbehaves.
33
Song, Jiawen, Meihua Xiao, Tong Zhang e Haoyang Zhou. "Proving authentication property of PUF-based mutual authentication protocol based on logic of events". Soft Computing 26, n. 2 (12 novembre 2021): 841–52. http://dx.doi.org/10.1007/s00500-021-06163-9.
Testo completoAbstract (sommario):
AbstractPUF (Physical unclonable function) is a new hardware security primitive, and the research on PUFs is one of the emerging research focuses. For PUF-based mutual authentication protocols, a method to abstract the security properties of hardware by using logic of events is proposed, and the application aspects of logic of events are extended to protocols based on hardware security. With the interaction of PUF-based mutual authentication protocol formally described by logic of events, the basic sequences are constructed and the strong authentication property in protocol interaction process is verified. Based on the logic of events, the freshness of nonces is defined, and the persist rule is proposed according to the concept of freshness, which ensures the consistency of the protocol state and behavior predicate in the proof process, and reduces the complexity and redundancy in the protocol analysis process. Under reasonable assumptions, the security of the protocol is proven, and the fact that logic of events applies to PUF-based mutual authentication protocols is shown.
34
Ang Soh, Zhen, e Swee Huay Heng. "Security and Privacy of Contact Tracing Protocols for COVID-19". Journal of Engineering Technology and Applied Physics 4, n. 1 (15 marzo 2022): 30–34. http://dx.doi.org/10.33093/jetap.2022.4.1.5.
Testo completoAbstract (sommario):
Contact tracing is a way to track people who have been in contact with infected patients of COVID-19 and thereby effective control is achieved. Various countries have developed their own contact tracing applications which deploy the same or different protocol. It is of utmost importance to improve public awareness on the potential hidden risks of the respective protocols and applications and instill user confidence. The purpose of this research is to study the security and privacy of the existing contact tracing protocols to ensure that the security and privacy of users can be guaranteed. The protocols used by the applications include DP-3T protocol, TCN protocol, PEPP-PT protocol and BlueTrace protocol. The architecture of the protocols can be classified into centralised and decentralised architectures. In addition, the contact tracing applications in seven selected countries will be briefly analysed and compared. Some common user concerns are also outlined.
35
Huo, Lin, Yi Lin Jiang e Liang Qing Hu. "Research on Hash-Based Low-Cost RFID Security Authentication Protocol". Advanced Materials Research 846-847 (novembre 2013): 1524–30. http://dx.doi.org/10.4028/www.scientific.net/amr.846-847.1524.
Testo completoAbstract (sommario):
Because RFID does not require line of sight communication, low-cost and efficient operation with these outstanding advantages RFID are being widely used, followed by privacy and security vulnerabilities and other issues. Afterdescribe and analysis the facing security issues and the existing security protocols on the stage, proposed a low-cost RFID security authentication protocol based on hash function, this protocol use hash function and random numbers to ensure the safe and efficient control access between the tags and readers,and from the perspective of quantitative estimates the cost of tag. After setting up the idealized protocol model,by using the BAN logic formal analysis this protocol , and prove the security of protocol theoretically .
36
Tambunan, Alexander Theo Philus, Adi Prijuna Lubis e Syartika Anggraini. "Perancangan Sistem Keamanan File Transfer Protocol Dengan Secure Socket Layer Pada Server Centos 7". J-Com (Journal of Computer) 1, n. 2 (31 luglio 2021): 95–102. http://dx.doi.org/10.33330/j-com.v2i1.1206.
Testo completoAbstract (sommario):
Abstract: An advancement in communication technology currently has an influence on developments in data management in the joints of life, making the need for a media center something a must in digital archive storage. Data will not always be stored in personal computers, but it would be better if there was a centralized data container to be a solution in storage media, in order to prevent data loss or data backup. The term network (network) is used when there are at least two or more devices that are connected to one another. To carry out data exchange in this network, a protocol is used that specifies how data is exchanged, and one of the most widely used protocols is the File Transfer Protocol (FTP). FTP is generally useful as a means of exchanging files or data in a network. The FTP protocol is not secure enough, because when data transfer there is no security to protect it. Therefore the FTP protocol is necessary for additional security, by implementing the SSL security protocol or Secure Socket Layer Security protecting the FTP protocol during data transfer. SSL certificates are used for the purpose of handling the security of data packets transmitted over the network system. When SSL is activated, the server and client when the connection occurs will be encrypted so that the data cannot be seen by others. Keywords: FTP; Network; Server; SSL Abstrak: Suatu Kemajuan teknologi komunikasi saat ini memiliki pengaruh terhadap perkembangan didalam pengelolaan data didalam sendi kehidupan, membuat kebutuhan akan media center menjadi sesuatu yang harus dalam penyimpanan arsip digital. Data tidak selamanya akan tersimpan di dalam personal computer saja tetapi akan lebih baik jika ada wadah data terpusat menjadi solusi dalam media penyimpanan, agar menjaga dari kehilangan data atau cadangan data. Istilah jaringan (network) dipakai apabila terdapat minimal dua atau lebih perangkat yang terhubungkan satu dengan yang lainnya. Untuk melaksanakn pertukaran data didalam jaringan ini, digunakan protocol yang menspesifikasikan bagaimana data dipertukarkan, dan salah satu protocol yang banyak digunakan adalah File Transfer Protocol (FTP). FTP umumnya bermanfaat sebagai sarana pertukaran file atau data dalam suatu network. Protokol FTP tidaklah cukup aman, dikarenakan ketika transfer data tidak ada keamanan untuk melindunginya. Maka dari itu protokol FTP perlu untuk penambahan keamanan, dengan menerapkan protokol keamanan SSL atau Secure Socket Layer Security melindungi protokol FTP pada saat transfer data. Sertifikat SSL dimanfaatkan untuk keperluan menangani keamanan paket data yang ditransmisikan melalui sistem jaringan. Ketika SSL diakatifkan, maka server dan client ketika terjadi koneksi akan ter enkripsi sehingga data yang ada tidak dapat untuk dilihat oleh orang lain. Kata kunci: FTP;Network; Server; SSL
37
Safkhani, Masoumeh, Nasour Bagheri e Mahyar Shariat. "On the Security of Rotation Operation Based Ultra-Lightweight Authentication Protocols for RFID Systems". Future Internet 10, n. 9 (21 agosto 2018): 82. http://dx.doi.org/10.3390/fi10090082.
Testo completoAbstract (sommario):
Passive Radio Frequency IDentification (RFID) tags are generally highly constrained and cannot support conventional encryption systems to meet the required security. Hence, designers of security protocols may try to achieve the desired security only using limited ultra-lightweight operations. In this paper, we show that the security of such protocols is not provided by using rotation functions. In the following, for an example, we investigate the security of an RFID authentication protocol that has been recently developed using rotation function named ULRAS, which stands for an Ultra-Lightweight RFID Authentication Scheme and show its security weaknesses. More precisely, we show that the ULRAS protocol is vulnerable against de-synchronization attack. The given attack has the success probability of almost ‘1’, with the complexity of only one session of the protocol. In addition, we show that the given attack can be used as a traceability attack against the protocol if the parameters’ lengths are an integer power of 2, e.g., 128. Moreover, we propose a new authentication protocol named UEAP, which stands for an Ultra-lightweight Encryption based Authentication Protocol, and then informally and formally, using Scyther tool, prove that the UEAP protocol is secure against all known active and passive attacks.
38
Sun, Xin, Piotr Kulicki e Mirek Sopek. "Lottery and Auction on Quantum Blockchain". Entropy 22, n. 12 (5 dicembre 2020): 1377. http://dx.doi.org/10.3390/e22121377.
Testo completoAbstract (sommario):
This paper proposes a protocol for lottery and a protocol for auction on quantum Blockchain. Our protocol of lottery satisfies randomness, unpredictability, unforgeability, verifiability, decentralization and unconditional security. Our protocol of auction satisfies bid privacy, posterior privacy, bids’ binding, decentralization and unconditional security. Except quantum Blockchain, the main technique involved in both protocols is quantum bit commitment.
39
Mohammadiounotikandi, Ali. "Presenting a Protocol to Increase IOT-Based Security". Webology 19, n. 1 (20 gennaio 2022): 629–45. http://dx.doi.org/10.14704/web/v19i1/web19045.
Testo completoAbstract (sommario):
The Internet of Things (IoT) has expanded access to information technology by combining both digital and physical fields as an emerging technology. IoT will increasingly overshadow human life as it becomes more pervasive. IoT will be applied to important areas of the national economy, such as health care and medical care, and smart transportation. Hence, data security in IoT must be met with highlights such as distinguishing proof, unwavering quality, integration, and verifiable, and so on. Security within the field of IoT is more vital in terms of openness and reliance. Security is an critical issue for IoT applications and proceeds to confront major challenges. This think about pointed to supply a convention to extend IoT-based security. The method proposed in this paper is to show modern conveyance engineering to extend IoT security. This unused design is based on a blockchain and can be actualized as a dispersed design in all layers of IoT. The findings of recreations and usage in genuine IoT scenarios appear that the execution of the proposed security conventions can be proficient and viable within the productivity and adequacy of distinctive levels of security and IoT accessibility.
40
Cha, Eun-Chul, e Hyoung-Kee Choi. "Evaluation of Security Protocols for the Session Initiation Protocol". KIPS Transactions:PartC 14C, n. 1 (28 febbraio 2007): 55–64. http://dx.doi.org/10.3745/kipstc.2007.14-c.1.055.
Testo completo
41
Wang, Fang. "The Security Study of an EC Protocol Based on Casper/FDR2". Applied Mechanics and Materials 681 (ottobre 2014): 249–52. http://dx.doi.org/10.4028/www.scientific.net/amm.681.249.
Testo completoAbstract (sommario):
Researchers have proposed several security protocols to protect the electronic commerce security in these years; however, not all of them are secure enough. This article extends model checking method with Casper/FDR2 to model and analyze a new electronic protocol. Attacks are found in the protocol and their mechanisms are discussed. A variety of solutions are given to different security flaws. The improved protocol is proven to be robust and secure.
42
Nam, Junghyun, Kim-Kwang Raymond Choo, Juryon Paik e Dongho Won. "Password-Only Authenticated Three-Party Key Exchange Proven Secure against Insider Dictionary Attacks". Scientific World Journal 2014 (2014): 1–15. http://dx.doi.org/10.1155/2014/802359.
Testo completoAbstract (sommario):
While a number of protocols for password-only authenticated key exchange (PAKE) in the 3-party setting have been proposed, it still remains a challenging task to prove the security of a 3-party PAKE protocol against insider dictionary attacks. To the best of our knowledge, there is no 3-party PAKE protocol that carries a formal proof, or even definition, of security against insider dictionary attacks. In this paper, we present the first 3-party PAKE protocol proven secure against both online and offline dictionary attacks as well as insider and outsider dictionary attacks. Our construct can be viewed as a protocol compiler that transforms any 2-party PAKE protocol into a 3-party PAKE protocol with 2 additional rounds of communication. We also present a simple and intuitive approach of formally modelling dictionary attacks in the password-only 3-party setting, which significantly reduces the complexity of proving the security of 3-party PAKE protocols against dictionary attacks. In addition, we investigate the security of the well-known 3-party PAKE protocol, called GPAKE, due to Abdalla et al. (2005, 2006), and demonstrate that the security of GPAKE against online dictionary attacks depends heavily on the composition of its two building blocks, namely a 2-party PAKE protocol and a 3-party key distribution protocol.
43
Aljumaie, Ghada Sultan, e Wajdi Alhakami. "A Secure LEACH-PRO Protocol Based on Blockchain". Sensors 22, n. 21 (2 novembre 2022): 8431. http://dx.doi.org/10.3390/s22218431.
Testo completoAbstract (sommario):
Wireless Sensor Networks (WSNs) are becoming more popular for many applications due to their convenient services. However, sensor nodes may suffer from significant security flaws, leading researchers to propose authentication schemes to protect WSNs. Although these authentication protocols significantly fulfill the required protection, security enhancement with less energy consumption is essential to preserve the availability of resources and secure better performance. In 2020, Youssef et al. suggested a scheme called Enhanced Probabilistic Cluster Head Selection (LEACH-PRO) to extend the sensors’ lifetime in WSNs. This paper introduces a new variant of the LEACH-PRO protocol by adopting the blockchain security technique to protect WSNs. The proposed protocol (SLEACH-PRO) performs a decentralized authentication mechanism by applying a blockchain to multiple base stations to avoid system and performance degradation in the event of a station failure. The security analysis of the SLEACH-PRO is performed using Burrows–Abadi–Needham (BAN) logic and Automated Validation of Internet Security Protocols and Applications (AVISPA) tool. Moreover, the SLEACH-PRO is evaluated and compared to related protocols in terms of computational cost and security level based on its resistance against several attacks. The comparison results showed that the SLEACH-PRO protocol is more secure and requires less computational cost compared to other related protocols.
44
Tang, Lin, En Jian Bai e Wen Qiang Wu. "A Secure Authentication Protocol Conforming to EPC Class-1 Generation-2 Standard". Advanced Materials Research 403-408 (novembre 2011): 1845–48. http://dx.doi.org/10.4028/www.scientific.net/amr.403-408.1845.
Testo completoAbstract (sommario):
With the development of e-business market, radio frequency identification (RFID) technology is becoming more and more importance. It is often used to identify object because it can work without manual intervention. Several organizations including EPC global and ISO have been working on the standard of RFID all the time in order to promote it using low-cost tags. In particular, the EPC Class-1 Generation-2 standard was accepted as an international standard by ISO/IEC. However, this standard exists some security vulnerabilities. To resolve these vulnerabilities, some protocols conforming to EPC Class 1 Generation 2 was proposed. In this paper, we show the weaknesses which exist in RFID system’s security protocols conforming to EPC Class-1 Generation-2 and submit a new security protocol suitable to the standard, then validate the whole security performance of the new protocol. The safety performance of the new protocol and existing protocols are also compared in this paper .The result shows that the the new protocol could be used in the low-cost tag because of its high security and low communication complexity.
45
Feng, Tao, e Yi Wu. "Formal Security Analysis and Improvement Based on LonTalk Authentication Protocol". Security and Communication Networks 2022 (12 luglio 2022): 1–19. http://dx.doi.org/10.1155/2022/8104884.
Testo completoAbstract (sommario):
Security analysis of security protocol can be used to ensure communication security in the network. The process of security protocol analysis using the formal analysis method is simple and standardized, which is a research hotspot in the field of information security. In this study, a formal analysis method based on colored Petri net theory and Dolev-Yao attacker model is adopted to analyze LonTalk authentication protocol, and three types of attackable vulnerabilities including replay, tamper, and spoofing are found in LonTalk authentication protocol; thus, a secure LonTalk-SA authentication protocol is proposed. The LonTalk-SA authentication protocol was added with a trusted third-party server, which authenticates the identity of the sender and receiver and generates session keys through XOR operations on random numbers. The formal analysis of the new scheme shows that the new scheme can effectively resist three types of attacks, provide bidirectional authentication of communication nodes, and ensure the confidentiality, integrity, and authentication of messages during transmission, thus improving the security of protocols.
46
Tian, Yangguang, Guomin Yang, Yi Mu, Shiwei Zhang, Kaitai Liang e Yong Yu. "One-Round Attribute-Based Key Exchange in the Multi-Party Setting". International Journal of Foundations of Computer Science 28, n. 06 (settembre 2017): 725–42. http://dx.doi.org/10.1142/s0129054117400159.
Testo completoAbstract (sommario):
Attribute-based authenticated key exchange (AB-AKE) is a useful primitive that allows a group of users to establish a shared secret key and at the same time enables fine-grained access control. A straightforward approach to design an AB-AKE protocol is to extend a key exchange protocol using an attribute-based authentication technique. However, insider security is a challenge security issue for AB-AKE in the multi-party setting and cannot be solved using the straightforward approach. In addtion, many existing key exchange protocols for the multi-party setting (e.g., the well-known Burmester-Desmedt protocol) require multiple broadcast rounds to complete the protocol. In this paper, we propose a novel one-round attribute-based key exchange (OAKE) protocol in the multi-party setting. We define the formal security models, including session key security, insider security and user privacy, for OAKE, and prove the security of the proposed protocol under some standard assumptions in the random oracle model.
47
Li, Shu, Xi Yang e Ping Yuan Liang. "A New Hash-Based Authentication Protocol for RFID Using Varying Identifiers". Applied Mechanics and Materials 303-306 (febbraio 2013): 2112–16. http://dx.doi.org/10.4028/www.scientific.net/amm.303-306.2112.
Testo completoAbstract (sommario):
This article proposed a new security protocol with satisfying the lightweight requirements of the security of RFID system. Using varying identifiers, the protocol can resist Forward attack, Traffic analysis and Tracking attack, Replay attack. The Back-end Server holds the new identifier and last identifier for every Tag can keep database synchronization. Each Tag store a unique Key that is the secret information which also store in the Back-end Server. Use the Key, the protocol can implement mutual authentication between Back-end Server and Tag. Then the paper compared the proposed protocol with the typical protocols in security, effective and cost. The results demonstrate that the protocol can effectively solve the security problem of RFID systems.
48
Zhao, Zi-An, Yu Sun, Dawei Li, Jian Cui, Zhenyu Guan e Jianwei Liu. "A Scalable Security Protocol for Intravehicular Controller Area Network". Security and Communication Networks 2021 (31 dicembre 2021): 1–13. http://dx.doi.org/10.1155/2021/2314520.
Testo completoAbstract (sommario):
Intravehicular communication relies on controller area network (CAN) protocol to deliver messages and instructions among different electronic control units (ECU). Unfortunately, inherent defects in CAN include the absence of confidentiality and integrity mechanism, enabling adversaries to launch attacks from wired or wireless interfaces. Although various CAN cryptographic protocols have been proposed for entity authentication and secure communication, the redundancy in the key establishment phase weakens their availability in large-scale CAN. In this paper, we propose a scalable security protocol suite for intravehicular networks and reduce the communication costs significantly. A new type of attack, suspension attack, is identified for the existing protocols and mitigated in our protocol by leveraging a global counter scheme. We formally verify the security properties of the proposed protocol suite through the AVISPA tool. The simulation results indicate that the communication and computation efficiency are improved in our protocol.
49
Li, Ping, e Lin Ning. "Clustering Routing Protocol Based on Base Station Authentication with TLEACH in WSN". Advanced Materials Research 734-737 (agosto 2013): 3107–13. http://dx.doi.org/10.4028/www.scientific.net/amr.734-737.3107.
Testo completoAbstract (sommario):
This paper introduced a new safety and energy saved routing protocol BSATLEACH, it is focus on existing issues of protocols in wireless sensor networks (WSNs) what just considered energy saving only without security concern or designed for security only ignored large overheads and complex algorithm, so on. This protocol is built up based on TLEACH protocol, utilized Base Station to authenticate the identity of nodes, combined the identity trust and the behavior trust, and considered the factor of residual energy in nodes. It balanced above existing issues of protocols in WSNs. The results come from analysis and simulation in MATLAB shown that this new protocol can provide excellent security in WSNs and can extend the lifetime of network efficiently.
50
Nobelis, N., K. Boudaoud, C. Delettre e M. Riveill. "Designing Security Properties-Centric Communication Protocols using a Component-Based Approach". International Journal of Distributed Systems and Technologies 3, n. 1 (gennaio 2012): 1–16. http://dx.doi.org/10.4018/jdst.2012010101.
Testo completoAbstract (sommario):
Numerous communication protocols have been designed offering a set of security properties through the use of cryptographic tools to secure electronic document transfer. However, there is no clear match between the tools used and security properties they offer. To solve this problem, the authors propose to use a component-based approach; more specifically the authors introduce the notion of high-level security component where each component provides an atomic security property. This approach will facilitate the design of new protocols that fulfill any specific set of security properties by assembling the appropriate components. At the same time, users using a protocol designed with these security components will have the assurance that the protocol satisfies the security properties required for the electronic document transfer. The authors validate the approach by showing how the integrity property can be added to the HTTP protocol to design a security property-centric HTTPS and in this case an integrity-only HTTPS.