多种应用环境下安全认证协议的研究
|
摘要
摘要:在虚拟网络中,如何实现现实中的应用,如何保障身份和信息内容的真实性,已经成为人们最迫切的应用需求。基于密码学的认证技术是解决这类问题的有效手段,它已经成为构建网络安全环境的重要保障,是信息安全领域的核心技术,其正确性和安全性对整个网络环境的安全起着至关重要的作用。目前,安全认证协议的设计和分析是近年来网络信息安全领域最活跃的研究方向。因此,本文对如何构建安全高效的认证协议进行了较深入的研究,并给出了相应的设计方案。根据不同的应用环境,研究了两方及多方参与的认证协议,其中包括基于智能卡的口令认证协议、射频识别(RFID)系统认证协议和面向群组的多方密钥协商协议。本文的研究工作受到了国家高技术研究发展计划(863计划)(No.2011AA010104-2)、国家自然科学基金项目(No.61071076、61201159)、中央高校基本科研业务费专项资金研究生创新项目(No.2012YJS023)和高等学校博士学科点专项科研基金(No.20100009110002)的支持。主要研究成果如下:
1.研究Chen等人提出的基于智能卡的远程用户认证协议,并对该协议构造了有效的已知密钥攻击和离线猜测攻击。为了弥补以上两种安全漏洞,提出了一种基于智能卡的远程用户登录及验证协议。利用BAN逻辑对新协议进行形式化分析,证明了协议认证过程的正确性。同时,新协议可抵抗已知密钥攻击和离线猜测攻击在内的多种攻击,满足前向安全性,与同类协议相比具有更好的计算效率。
2.对Song提出的增强的智能卡口令认证协议进行安全性分析,指出该协议无法抵抗离线口令猜测攻击,且不具备系统自恢复性。针对以上安全漏洞,提出了一种改进的智能卡口令认证协议。新协议利用单向哈希函数和时间戳机制完善了系统的自恢复性,且计算效率更佳。通过BAN逻辑和安全性分析可知,新协议具有完备的认证功能,可抵抗离线口令猜测攻击在内的多种攻击,同时满足前向安全性。
3.研究分析了几类现有的RFID认证协议。通过研究发现:这几类协议都存在密钥无法更新的设计问题,即固定密钥一旦泄漏,射频组件间的通信和交互访问将不再安全。基于以上发现,利用询问-应答机制和不确定索引值策略提出了一种可更新密钥的RFID认证协议,该协议可提供同一会话时期标签和后台数据库服务器的密钥同步更新,实现了射频组件间的安全认证和访问控制,可保护标签的位置隐私和系统的前向安全性。结合以上密钥更新机制,提出了一种基于混沌映射的RFID认证协议,该协议具有更好的计算效率,更适用于能耗受限的RFID系统。
4.对Guo和Zhang提出的基于混沌映射的组密钥协商协议进行分析,指出该协议无法实现组成员的动态调整和多方密钥协商,且不能抵抗离线口令猜测攻击。针对以上问题,基于混沌映射理论和二叉树结构,提出了一种动态的混沌组密钥协商协议,该协议满足多方密钥协商的贡献性和组密钥独立性,可提供组成员的动态调整操作。经安全性分析可知,新协议可抵抗包含离线口令猜测攻击在内的多种攻击。
5.分析Zhao等人提出的可容错组密钥协商协议,指出该协议存在可容错性缺陷,且无法实现组成员的动态调整。利用RSA算法和受限秘密编号,提出了一种动态的可容错组密钥协商协议。新协议具有良好的可容错性,并实现了单轮的组密钥协商,即诚实组成员只需一轮就可剔除所有恶意成员,并协商出共享的组密钥。同时,新协议利用二叉树结构实现了组成员的动态调整,可提供组密钥的即时更新功能,满足组密钥的独立性。通过安全性和性能分析可知,新协议可抵抗多种攻击,较Zhao等人提出的协议具有更低的计算和通信开销。
ABSTRACT:In the virtual network, how to achieve the real application and protect the authenticity of identity and information content have become the most pressing needs. The cryptography based authentication technology is a valid method to solve the problem well. It has become an important guarantee and core technology of information security, its correctness and security play crucial role in the entire network environment. Currently, the design and analysis of secure authentication protocol is the most active research of network and information security. This dissertation concentrates on how to construct secure and effective authentication protocol and proposes corresponding methods. According to the different application environment, research on the two-party and multi-party authentication protocols, including smart based password authentication protocols, RFID authentication protocols and multi-party key agreement protocols for group communication. The work of this dissertation is supported by the National High Technology and Development Program of China (863Program)(No.2011AA010104-2), the National Natural Science Foundation of China (No.61071076,61201159), the Fundamental Research Funds for the Central Universities (No.2012YJS023), and the Specialized Research Fund for the Doctoral Program of Higher Education of China (No.20100009110002). The main contributions are summarized as follows:
1. Study Chen et al.'s remote user authentication protocol using smart cards. It is demonstrated that serious vulnerabilities still threaten their protocol by mounting known-key attack and off-line guessing attack. To solve the aforementioned weaknesses, we propose a smart card based protocol for remote login and verification, and utilize BAN logic to verify the correctness of its authentication procedures. Meanwhile, the new protocol can prevent various attacks, including known-key attack and off-line guessing attack, and achieves forward secrecy. To compare with related protocols, the new protocol has better computation efficiency.
2. An advanced password authentication protocol using smart cards is proposed by Song. We point out that his protocol is still vulnerable to off-line password guessing attack, and it is lack of system reparability. To fill the gaps, the improved protocol is proposed. The new protocol utilizes one-way hash function and timestamp mechanism to achieve system reparability, and optimizes the computation efficiency. According to BAN logic proof and security analysis, the new protocol has correct authentication procedures, withstands various attacks and achieves forward secrecy.
3. Study several RFID authentication protocols. It is found that all these protocols have same design problem which the tag key cannot be updated. This means that once the fixed key is leaked, the communication and interaction between RF components would be no longer secure. Based on these findings, we utilize challenge-response mechanism and indefinite index strategy to propose an advanced constantly updated RFID authentication protocol. This protocol allows the tag and the back-end database server to update their respective keys synchronously in same session. It achieves secure authentication and access control between RF components, it can protect the tag's location privacy and forward secrecy of system. Combine with the aforementioned key updated mechanism, an authenticated RFID protocol based on chaotic maps is proposed, which is more suitable for the limited-power RFID system with better computation efficiency.
4. Analyze Guo and Zhang's Chaos based group key agreement protocol. It is shown that their protocol cannot achieve dynamic setting and multi-key agreement, and it cannot withstand off-line password guessing attack. To solve the above problem, based on chaotic maps theory and binary tree structure, we propose a dynamic chaos based group key agreement protocol. It satisfies the contributory property of multi-key agreement and group key independence, it provides dynamic setting for group members. According to security analysis, the new protocol can resist various attacks, including off-line password guessing attack.
5. Analyze Zhao et al.'s fault-tolerant group key agreement protocol. It is presented that their protocol has fault-tolerance weakness without dynamic setting. Based on RSA algorithm and restricted secret number, a dynamic fault-tolerant group key agreement protocol is proposed. The new protocol has good fault-tolerant ability, and it needs only one round to exclude all malicious participants and helps honest members complete group key agreement. Meanwhile, the new protocol utilizes a binary tree structure to achieve dynamic setting, and it satisfies group key independence with instant key refreshment. Due to the security and performance analysis, the new protocol can withstand various attacks, it has lower computation and communication cost than Zhan et al.'s protocol.
1.研究Chen等人提出的基于智能卡的远程用户认证协议,并对该协议构造了有效的已知密钥攻击和离线猜测攻击。为了弥补以上两种安全漏洞,提出了一种基于智能卡的远程用户登录及验证协议。利用BAN逻辑对新协议进行形式化分析,证明了协议认证过程的正确性。同时,新协议可抵抗已知密钥攻击和离线猜测攻击在内的多种攻击,满足前向安全性,与同类协议相比具有更好的计算效率。
2.对Song提出的增强的智能卡口令认证协议进行安全性分析,指出该协议无法抵抗离线口令猜测攻击,且不具备系统自恢复性。针对以上安全漏洞,提出了一种改进的智能卡口令认证协议。新协议利用单向哈希函数和时间戳机制完善了系统的自恢复性,且计算效率更佳。通过BAN逻辑和安全性分析可知,新协议具有完备的认证功能,可抵抗离线口令猜测攻击在内的多种攻击,同时满足前向安全性。
3.研究分析了几类现有的RFID认证协议。通过研究发现:这几类协议都存在密钥无法更新的设计问题,即固定密钥一旦泄漏,射频组件间的通信和交互访问将不再安全。基于以上发现,利用询问-应答机制和不确定索引值策略提出了一种可更新密钥的RFID认证协议,该协议可提供同一会话时期标签和后台数据库服务器的密钥同步更新,实现了射频组件间的安全认证和访问控制,可保护标签的位置隐私和系统的前向安全性。结合以上密钥更新机制,提出了一种基于混沌映射的RFID认证协议,该协议具有更好的计算效率,更适用于能耗受限的RFID系统。
4.对Guo和Zhang提出的基于混沌映射的组密钥协商协议进行分析,指出该协议无法实现组成员的动态调整和多方密钥协商,且不能抵抗离线口令猜测攻击。针对以上问题,基于混沌映射理论和二叉树结构,提出了一种动态的混沌组密钥协商协议,该协议满足多方密钥协商的贡献性和组密钥独立性,可提供组成员的动态调整操作。经安全性分析可知,新协议可抵抗包含离线口令猜测攻击在内的多种攻击。
5.分析Zhao等人提出的可容错组密钥协商协议,指出该协议存在可容错性缺陷,且无法实现组成员的动态调整。利用RSA算法和受限秘密编号,提出了一种动态的可容错组密钥协商协议。新协议具有良好的可容错性,并实现了单轮的组密钥协商,即诚实组成员只需一轮就可剔除所有恶意成员,并协商出共享的组密钥。同时,新协议利用二叉树结构实现了组成员的动态调整,可提供组密钥的即时更新功能,满足组密钥的独立性。通过安全性和性能分析可知,新协议可抵抗多种攻击,较Zhao等人提出的协议具有更低的计算和通信开销。
ABSTRACT:In the virtual network, how to achieve the real application and protect the authenticity of identity and information content have become the most pressing needs. The cryptography based authentication technology is a valid method to solve the problem well. It has become an important guarantee and core technology of information security, its correctness and security play crucial role in the entire network environment. Currently, the design and analysis of secure authentication protocol is the most active research of network and information security. This dissertation concentrates on how to construct secure and effective authentication protocol and proposes corresponding methods. According to the different application environment, research on the two-party and multi-party authentication protocols, including smart based password authentication protocols, RFID authentication protocols and multi-party key agreement protocols for group communication. The work of this dissertation is supported by the National High Technology and Development Program of China (863Program)(No.2011AA010104-2), the National Natural Science Foundation of China (No.61071076,61201159), the Fundamental Research Funds for the Central Universities (No.2012YJS023), and the Specialized Research Fund for the Doctoral Program of Higher Education of China (No.20100009110002). The main contributions are summarized as follows:
1. Study Chen et al.'s remote user authentication protocol using smart cards. It is demonstrated that serious vulnerabilities still threaten their protocol by mounting known-key attack and off-line guessing attack. To solve the aforementioned weaknesses, we propose a smart card based protocol for remote login and verification, and utilize BAN logic to verify the correctness of its authentication procedures. Meanwhile, the new protocol can prevent various attacks, including known-key attack and off-line guessing attack, and achieves forward secrecy. To compare with related protocols, the new protocol has better computation efficiency.
2. An advanced password authentication protocol using smart cards is proposed by Song. We point out that his protocol is still vulnerable to off-line password guessing attack, and it is lack of system reparability. To fill the gaps, the improved protocol is proposed. The new protocol utilizes one-way hash function and timestamp mechanism to achieve system reparability, and optimizes the computation efficiency. According to BAN logic proof and security analysis, the new protocol has correct authentication procedures, withstands various attacks and achieves forward secrecy.
3. Study several RFID authentication protocols. It is found that all these protocols have same design problem which the tag key cannot be updated. This means that once the fixed key is leaked, the communication and interaction between RF components would be no longer secure. Based on these findings, we utilize challenge-response mechanism and indefinite index strategy to propose an advanced constantly updated RFID authentication protocol. This protocol allows the tag and the back-end database server to update their respective keys synchronously in same session. It achieves secure authentication and access control between RF components, it can protect the tag's location privacy and forward secrecy of system. Combine with the aforementioned key updated mechanism, an authenticated RFID protocol based on chaotic maps is proposed, which is more suitable for the limited-power RFID system with better computation efficiency.
4. Analyze Guo and Zhang's Chaos based group key agreement protocol. It is shown that their protocol cannot achieve dynamic setting and multi-key agreement, and it cannot withstand off-line password guessing attack. To solve the above problem, based on chaotic maps theory and binary tree structure, we propose a dynamic chaos based group key agreement protocol. It satisfies the contributory property of multi-key agreement and group key independence, it provides dynamic setting for group members. According to security analysis, the new protocol can resist various attacks, including off-line password guessing attack.
5. Analyze Zhao et al.'s fault-tolerant group key agreement protocol. It is presented that their protocol has fault-tolerance weakness without dynamic setting. Based on RSA algorithm and restricted secret number, a dynamic fault-tolerant group key agreement protocol is proposed. The new protocol has good fault-tolerant ability, and it needs only one round to exclude all malicious participants and helps honest members complete group key agreement. Meanwhile, the new protocol utilizes a binary tree structure to achieve dynamic setting, and it satisfies group key independence with instant key refreshment. Due to the security and performance analysis, the new protocol can withstand various attacks, it has lower computation and communication cost than Zhan et al.'s protocol.
引文
[1]冯登国.网络安全原理与技术[M].北京:科学出版社,2003.
[2]Needham R, Schroede M. Using encryption for authentication in large networks of computers [J]. Communications of the ACM,1978,21(12):993-999.
[3]Simmons G J. Authentication theory/coding theory [C]. In Proceedings of Crypto'84. Lecture Note in Computer Science,1985,196:411-431.
[4]Mao W B著.王继林,伍前红译.现代密码学理论与实践[M].北京:电子工业出版社,2004.
[5]Diffie W, Hellman M E. New directions in cryptography [J]. IEEE Transactions on Information Theory,1976, IT-22(6):644-654.
[6]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems,1990,8(1):18-36.
[7]Gong L, Needham R, Yahalom R. Reasoning about belief in cryptographic protocols [C]. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 1990:234-248.
[8]Abadi M, Tuttle M. A semantics for a logic of authentication [C]. In Proceedings of the 10th ACM Symposium on Principles of Distributed Computing,1991:201-216.
[9]Oorschot P van Extending cryptographic logics of belief to key agreement protocols [C]. In Proceedings of the lth ACM Conference on Communications and Computer Security.1993: 233-243.
[10]Syverson P F, Oorschot P van. On unifying some cryptographic protocol logics [C]. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 1994:14-28.
[11]Mao W B, Colin B. Towards formal analysis of safty protocols [C], In Computer Security Foundations Workshop Ⅵ, IEEE Computer Society Press,1998,4:147-158.
[12]Hoare C. Communicating sequential processes [J]. Communications of the ACM,1978,21(8): 666-677.
[13]Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR [J]. Software Concepts and Tools,1996,17(3):93-102.
[14]Basin D, Moedersheim S, Vigano L. OFMC:A symbolic model checker for security protocols [J]. International Journal of Information Security,2005,4(3):181-208.
[15]Mitchell J, Mitchell M, Stern U. Automated analysis of cryptographic protocols using Murphi [C]. In Proceedings of the 1997 IEEE Computer Society Symposium on Research in Security and Privacy,1997:141-151.
[16]Woo T, Lam S. A lesson on authentication protocol design [J]. Operating Systems Review, 1994,28(3):24-37.
[17]Millen J, Clark S, Freedman S. The Interrogator:Protocol security analysis [J]. IEEE Transactions on Software Engineering,1987,13(2):274-288.
[18]Meadows C. The NRL protocol analyzer:An overview [J]. Journal of Logic Programming, 1996,26(2):113-131.
[19]Paulson L C. Mechanized proofs for a recursive authentication protocol [C]. In Proceedings of the 10th IEEE Computer Security Foundations Workshop, Los Alamitos:IEEE Computer Society Press,1997:84-94.
[20]Paulson L C. The inductive approach to verifying cryptographic protocols [J]. Journal of Computer Security,1998,6(1-2):85-128.
[21]Thayer F J, Herzog J C, Guttman J D. Strand spaces:Proving security protocols correct [J]. Journal of Computer Security,1999,7(2):191-230.
[22]Canetti, R. Universally composable security:a new paradigm for cryptographic protocols [C]. In Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science,2001: 136-145.
[23]Abadi M, Gordon A D. A calculus for cryptographic protocols:The spi calculus [C]. In Proceedings of the 4th ACM Conference on Computer and Communications Security,1997: 36-47.
[24]Lamport L. Password authentication with insecure communication [J]. Communications of the ACM,1981,24(11):770-772.
[25]Wu T C, Sung H S. Authenticating passwords over an insecure channel [J].Computer & Security,1996,15(5):431-439.
[26]Peyravian M, Zunic N. Methods for protecting password transmission [J]. Computer & Security,2006,19(5):466-469.
[27]Chang C C, Lee C Y, Chiu Y C. Enhanced authentication scheme with anonymity for roam-ing service in global mobility networks [J]. Computer Communications,2009,2(4): 611-618.
[28]Hwang M S, Li L H. A new remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics,2000,46(1):28-30.
[29]ElGamal T. A public-key cryptosystem and a signature scheme based on discrete logarithms [J]. IEEE Transactions on Information Theory,1985,31(4):469-472.
[30]Sun H M. An efficient remote use authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics,2000,46(4):958-961.
[31]Chien H Y, Jan J K, Tseng Y M. An efficient and practical solution to remote authentication: smart card [J]. Computer & Security,2002,21(4):372-375.
[32]Ku W C, Chen S M. Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2004,50(1):204-207.
[33]Yoon E J, Ryu E K, Yoo K Y. Further improvement of an efficient password based remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2004,50(2):612-614.
[34]Wang X M, Zhang W F, Zhang J S, Khan M K. Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards [J]. Computer Standard & Interfaces,2007,29(5):507-512.
[35]Chen T H, Hsiang H C, Shih W K. Security enhancement on an improvement on two remote user authentication schemes using smart cards [J]. Future Generation Computer Systems, 2011,27(4):377-380.
[36]Song R. Advanced smart card based password authentication protocol [J]. Computer Standards & Interfaces,2010,32(5-6):321-325.
[37]Hopper N J, Blum M. Secure human identification protocols [C]. In Proceedings of 7th International Conference on the Theory and Application of Cryptology and Information Security,2001:52-66.
[38]Gilbert H, Matthew R, Sibert H. An active attack against HB+:a provably secure lightweight authentication protocol [J]. IEEE Electronics Letters,2005,41(21):1169-1170.
[39]Sarma S E, Weis S A, Engels D W. Radio-frequency identification:secure risks and challenges. RSA Laboratories Cryptobytes,2003,6(1):2-9.
[40]Weis S A, Sarma S E, Rivest R L, Engles D W. Security and privacy aspects of low-cost radio frequency identification systems [C]. In Proceedings of the 1st International Conference on Security in Pervasive Computing.2004:201-212.
[41]周永彬,冯登国.RFID安全协议的设计和分析[J].计算机学报,2006,29(4):581-589.
[42]Lee S M, Hwang Y J, Lee D H. Efficient authentication for low-cost RFID systems [C]. In Proceedings of the International Conference on Computational Science and Its Applications, 2005:619-627.
[43]Molnar D, Soppera A, Wagner D. A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags [C]. Selected Areas in Cryptography,2006:276-290.
[44]Van Le T, Burmester M, Medeiros B. Universally composable and forward secure RFID authentication and authenticated key exchange [C]. In Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security,2007:242-252.
[45]Tsudik G. YA-TRAP:yet another trivial RFID authentication protocol [C]. In Proceedings of the 4th annual IEEE International Conference on Pervasive Computing and Communications Workshops,2006:640-651.
[46]Chien H Y. SASI:a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity [J]. IEEE Transactions on Dependable and Secure Computing,2007,4(4):337-340.
[47]Cao T, Bertino E, Lei H. Security analysis of the SASI protocol [J]. IEEE Transactions on Dependable and Secure Computing,2009,6(1):73-77.
[48]Kim H S, Choi J Y. The design and verification of RFID authentication protocol for ubiquitous computing [C]. In Proceedings of the 18th International Workshop on Database and Expert Systems Applications,2007:693-697.
[49]Burmester M, Van Le T, Medeiros B. Provably secure ubiquitous systems:Universally composable RFID authentication protocols [C]. In Proceedings of the 2nd International Conference on Security and Privacy in Networks,2006:176-186.
[50]Burmester M, Medeiros B D, Motta R. Provably Secure Grouping-Proofs for RFID Tags [J]. Smart Card Research and Advanced Applications,2008,5189:176-190.
[51]邓淼磊,黄照鹤,周利华等.认证协议中数据同步的分析[J].计算机科学,2010,37(3):83-85.
[52]Ingemarsson I, Tang D, Wong C. A conference key distribution system [J]. IEEE Transactions on Information Theory,1982,28(5):714-720.
[53]Steiner M, Tsudik G, Waidner M. Diffie-Hellman key distribution extended to group communication [C]. In Proceedings of the 3rd ACM conference on Computer and communications security,1996:31-37.
[54]Ateniese G, Steiner M, Tsudik G New Multi-party authenticated services and key agreement protocols [J]. Journal of Selected Areas in Communications,2000,18(4):1-13.
[55]Pereira O, Quisquater J. A security analysis of the Cliques protocol suite [C]. In Proceedings of CSFM'01, IEEE Computer Society Press,2001:73-81.
[56]Bresson E, Chevassut O, Pointcheval D, Quisquater J. Provably authenticated group Difffie-Hellman key exchange [C]. In Proceedings of the 8th ACM conference on Computer and Communications Security,2001:255-264.
[57]Bresson E, Chevassut O, Pointcheval D. Provably authenticated group Diffie-Hellman key exchange-the dynamic case [C]. In Proceedings of AsiaCrypt'01,2001,2248:290-309.
[58]Bresson E, Chevassut O, Pointcheval D. Dynamic group Diffie-Hellman key exchange under standard assumptions [C]. In Proceedings of EuroCrypt'02,2002,2332:321-336.
[59]Bresson E, Chevassut O, Pointcheval D. Group Diffie-Hellman key exchange secure against dictionary attacks [C]. In Proceedings of AsiaCrypt'02,2002,2501:497-514.
[60]Kim Y, Perrig A, Tsudik G Tree based group key agreement [J]. ACM Transaction on Information System Security,2004,7(1):60-96.
[61]Nalla D, Reddy K. ID-based tripartite authenticated key agreement protocols from pairings [J]. Available at http://eprint.iacr.org/2003/004
[62]Smart N P. An Identity-based Authenticated Key Agreement Protocol Based on the Weil Pairing [J]. Electronic Letters,2002,38(13):630-632.
[63]Barua R, Dutta R, Sarkar P. Extending Joux protocol to multi-party key agreement [C]. In Proceedings of Indocrypt'03,2003:205-217
[64]Dutta R, Barua R. Dynamic group key agreement in tree-based setting [C]. In Proceedings of Information Security and Privacy,2005:101-112
[65]Burmester M, Desmedt Y. A secure and efficient conference key distribution system [C]. In Proceedings of EuroCrypt'94,1994:275-286.
[66]Katz J, Yung M. Scalable protocols for authenticated group key exchange [C]. In Proceedings of Crypt'03,2003,2729:10-125.
[67]Choi K, Hwang J, Lee D. Efficient ID-based group key agreement with Bilinear maps [C]. In Proceedings of Public Key Cryptography,2004,2947:130-144.
[68]F. Zhang, X. Chen. Attack on an ID-based authenticated group key agreement scheme from PKC 2004 [J]. Information Processing Letters,2004,91(4):191-193.
[69]Dutta R, Barua R.Constant round dynamic group key agreement [J]. Information Security, 2005,3650:74-88.
[70]Gorantla M, Boyd C, Nieto J, Manulis M. Generic one round group key exchange in the standard model [C]. In Proceedings of Information, Security and Cryptology,2009,5984: 1-15.
[71]Gorantla M, Boyd C, Nieto J. One round group key exchange with forward security in the standard model [R]. IACR ePrint, Report 2010/083, http://eprint.iacr.org/2010/083.pdf.
[72]Wu Q, Mu Y, Susilo W, Qin B, Domingo-Ferrer J. Asymmetric group key agreement [C]. In Proceedings of EuroCrypt' 09,2009,5479:153-170.
[73]Zhang L, Wu Q, Qin B, Domingo-Ferrer J. Identity-based authenticated asymmetric group key agreement protocol [R]. IACR ePrint, http://eprint.iacr.org/2010/209.pdf.
[74]闵嗣鹤,严士健.初等数论(第三版)[M].北京:高等教育出版社,2006.
[75]王育民,刘建伟.通信网的安全—理论与技术[M].西安:西安电子科技大学出版社.2008.
[76]丘维声.抽象代数基础[M].北京:高等教育出版社,2003.
[77]Goldreich O.计算复杂性[M].北京:人民邮电出版社,2010.
[78]Tuchman W. Hellman presents no shortcut solutions to the DES [J]. IEEE Spectrum,1979, 16(7):40-41.
[79]Daemen J, Rijmen V. AES proposal:Rijnael [R].1998, Available at http://ftp.csci.csusb.edu/ ykarant/courses/w2005/csci531/papers/Rijndael.pdf
[80]祝跃飞,张亚娟.公钥密码学设计原理于可证安全[M].北京:高等教育出版社,2010.
[81]Rivest R L, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems [J]. Communications of the ACM-Special 25th Anniversary Issue,1983, 26(1):120-126.
[82]ElGamal T. A public-key cryptosystem and a signature scheme based on discrete logarithms [J]. IEEE Transactions on Information Theory,1985, IT-31(4):469-472.
[83]Koblitz N. Elliptic curve cryptosystems [J]. Mathematics of Computation,1987,48:203-209.
[84]Wang S J, Chang J F. Smart card based secure password authentication scheme [J]. Computers and Security,1999,15(3):231-237.
[85]Selimis G, Fournaris A, Kostopoulos G, Koufopavlou O. Software and hardware issues in smart card technology [J]. IEEE Commmunicaiton Surveys & Tutorials,2009,11(3): 143-152.
[86]Chandramouli R, Lee P. Infrastructure standards for smart ID card deployment [J]. IEEE Security & Privacy,2007,5(2):92-96.
[87]Lim C H, Dan Y H, Lau K T, Choo K Y. Smart card reader [J]. IEEE Transactions on Consumer Electronics,1993,39(1):6-12.
[88]Smith M T. Smart cards:integrating for portable complexity [J]. Computer,1998,31(8): 110-112,115.
[89]Schneier B. Applied cryptography, protocols, algorithms, and source code in C [M]. John Wiley and Sons Inc.,2nd Edition, New York, U.S.A.,1996.
[90]Lee N Y, Chiu Y C. Improved remote authentication scheme with smart card [J].Computer Standards & Interfaces,2005,27(2):177-180.
[91]Chang C C, Lee J S. An efficient and secure remote authentication scheme using smart cards [J]. Information & Security,2006,18:122-133.
[92]Xu J, Zhu W T, Feng D G. An improved smart card based password authentication scheme with provable security [J]. Computer Standards & Interfaces,2009,31(4):723-728.
[93]Xiao Y, Shen X, Sun B, Cai L. Security and privacy in RFID and applications in telemedicine [J]. IEEE Communication Magazine,2006,44(4):64-72.
[94]Tan C C, Bo S, Qun L. Secure and serverless RFID authentication and search protocols [J]. IEEE Transactions on Wireless Communications,2008,7(4):1400-1407.
[95]Liu A X, Bailey L A, PAP:A privacy and authentication protocol for passive RFID tags [J]. Computer Communications,2009,32(7-10):1194-1199.
[96]Kang S Y, Lee G G, Lee I Y. A study on secure RFID mutual-authentication scheme in pervasive computing environment [J].Computer Communications,2008,31(18):4248-4254.
[97]Ryu E K, Takagi T. A hybrid approach for privacy-preserving RFID tags [J]. Computer Standard & Interfaces,2009,31(4):812-815.
[98]Yeh T C, Wu C H, Tseng Y M. Improvement of the RFID authentication scheme based on quadratic residues [J]. Computer Communications,2011,34(3):337-341.
[99]Chien H Y, Huang C W. A Lightweight authentication protocol for low-cost RFID [J]. Journal of Signal Processing System 2010,59:95-102.
[100]Chen Y Y, Tsai M L, Jan J. K. The design of RFID access control protocol using the strategy of indenite-index and challenge-response [J]. Computer Communications,2011,34(3): 250-256.
[101]Chien H Y. Secure access control schemes for RFID systems with anonymity [C]. In Proceedings of the 7th International Conference on Mobile Data Management,2006:96-96.
[102]Dimitriou T. A lightweight RFID protocol to protect against traceability and cloning attacks [C]. In Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks,2005:59-66.
[103]Yang J. Hash-based enhancement of location privacy for radio-frequency identication devices using varying identiers [C]. In Proceedings of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops,2004:149-153.
[104]Avoine G, Oechslin P. A scalable and provably secure hash based RFID protocol [C]. In Proceedings of the 2nd IEEE International Workshop on Pervasive Computing and Communication Security,2005:110-114.
[105]Lee S M, Hwang Y J, Lee D H, Lim J I. Efficient authentication for low-cost RFID systems [C]. In Proceedings of International Conference on Computational Science and Its Applications,2005:619-627.
[106]Safkhani M, Bagheri N, Naderi M. Cryptanalysis of Chen et al.'s RFID access control protocol [R].2011, Cryptology ePrint Archive, GSI, UCL, Louvain-la-Neuve, Belgium Report 194, IACR.
[107]Wong K W. A fast chaotic cryptographic scheme with dynamic look-up table [J].Physics Letters A,2002,298(4):238-242.
[108]Wang X, Zhao J. An improved key agreement protocol based on chaos [J]. Communications in Nonlinear Science and Numerical Simulation,2010,15(12):4052-4057.
[109]Bergamo P, D'Arco P, De Santis A, Kocarev L. Security of public-key cryptosystems based on Chebyshev polynomials [J]. IEEE Transactions on Circuits and Systems Ⅰ:Regular Papers, 2005,52(7):1382-1393.
[110]Zhang L. Cryptanalysis of the public key encryption based on multiple chaotic systems [J]. Chaos, Solitons & Fractals,2008,37(3):669-674.
[111]Xiao D, Liao X, Deng S. One-way Hash function construction based on the chaotic map with changeable-parameter [J]. Chaos, Solitons & Fractals,2005,24(1):65-71.
[112]Cai Y, Wang Y. Identity-based conference key distribution protocol with user anonymity [J]. Chinese Journal of Electronic,2007,16(1):179-181.
[113]Harn L, Lin C. Authenticated group key transfer protocol based on secret sharing [J]. IEEE Transaction on Computers,2010,59(6):842-846.
[114]Kim Y, Perrig A, Tsudik G. Group key agreement efficient in communication [J]. IEEE Transactions on Computers,2004,53(7):905-921.
[115]Tseng Y. An improved conference-key agreement protocol with forward secrecy [J]. Informatica,2005,16(2):275-284.
[116]Jarecki S, Kim J, Tsudik G. Robust group key agreement using short broadcasts [C]. In Proceedings of the 14th ACM Conference on Computer and Communications Security,2007: 411-420.
[117]Steiner M, Tsudik G, Waidner M. Key agreement in dynamic peer groups [J]. IEEE Transactions on Parallel and Distributed Systems,2000,11(8):769-780.
[118]Xiao D, Liao X, Wong K. An efficient entire chaos-based scheme for deniable authentication [J]. Chaos, Solitons & Fractals,2005,23(4):1327-1331.
[119]Bergamo P, D' Arco P, Santis A, Kocarev L. Security of public-key cryptosystems based on Chebyshev polynomials [J]. IEEE Transactions on Circuits and Systems Ⅰ:Regular Papers, 2005,52(7):1382-1393.
[120]Alvarez G Security problems with a chaos-based deniable authentication scheme [J]. Chaos, Solitons & Fractals,2005,26(1):7-11.
[121]Xiao D, Liao X, Deng S. A novel key agreement protocol based on chaotic maps [J]. Information Science,2007,177(4):1136-1142.
[122]Han S. Security of a key agreement protocol based on chaotic maps [J]. Chaos, Solitons & Fractals,2008,38(3):764-768.
[123]D. Xiao, X. Liao and S. Deng, Using time-stamp to improve the security of a chaotic maps-based key agreement protocol [J]. Information Science,2008,17(6):1598-1602.
[124]Han S, Chang E. Chaotic map based key agreement with/out clock synchronization [J].Chaos, Solitons & Fractals,2009,39(3):1283-1289.
[125]Xiao D, Liao X, Deng S. One-way hash function based on the chaotic map with changeable-parameter [J]. Chaos, Solitons & Fractals,2005,24(1):65-71.
[126]Guo X, Zhang J. Secure group key agreement protocol based on chaotic hash [J]. Information Sciences,2010,180(20):4069-4074.
[127]Kim Y, Perrig A, Tsudik G. Simple and fault-tolerant key agreement for dynamic collaborative groups [C]. In Proceedings of 7th ACM Conference on Computer and Communications Security,2000:235-244.
[128]Tzeng W. A secure fault-tolerant conference-key agreement protocol [J]. IEEE Transactions on Computers,2002,51(4):373-379.
[129]Tseng Y. A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy [J]. Journal of Systems and Software,2007,80(7):1091-1101.
[130]Huang K, Chung Y, Lee H, Lai F, Chen T S. A conference key agreement protocol with fault-tolerant capability [J]. Computer Standards and Interfaces,2009,31(2):401-405.
[131]Zhao J, Gu D, Li Y. An efficient fault-tolerant group key agreement protocol [J]. Computer Communications,2010,33(7):890-895.
[132]Hietalahti M. Efficient key agreement for ad hoc networks, Master's Thesis, VHelsinki University of Technology, Department of Computer Science and Engineering, Espoo, Finland, 2001
[133]Sun H, Chen C, Shieh C. Flexible-pay-per-channel:Anew model for content access control in pay-TV broadcasting systems [J]. IEEE Transactions on Multimedia,2008,10(6):1109-1120.
[134]Katz J, Yung M. Scalable protocol for authenticated group key exchange [J]. Journal of Cryptology 2007,20(1):85-113.
[2]Needham R, Schroede M. Using encryption for authentication in large networks of computers [J]. Communications of the ACM,1978,21(12):993-999.
[3]Simmons G J. Authentication theory/coding theory [C]. In Proceedings of Crypto'84. Lecture Note in Computer Science,1985,196:411-431.
[4]Mao W B著.王继林,伍前红译.现代密码学理论与实践[M].北京:电子工业出版社,2004.
[5]Diffie W, Hellman M E. New directions in cryptography [J]. IEEE Transactions on Information Theory,1976, IT-22(6):644-654.
[6]Burrows M, Abadi M, Needham R. A logic of authentication [J]. ACM Transactions on Computer Systems,1990,8(1):18-36.
[7]Gong L, Needham R, Yahalom R. Reasoning about belief in cryptographic protocols [C]. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 1990:234-248.
[8]Abadi M, Tuttle M. A semantics for a logic of authentication [C]. In Proceedings of the 10th ACM Symposium on Principles of Distributed Computing,1991:201-216.
[9]Oorschot P van Extending cryptographic logics of belief to key agreement protocols [C]. In Proceedings of the lth ACM Conference on Communications and Computer Security.1993: 233-243.
[10]Syverson P F, Oorschot P van. On unifying some cryptographic protocol logics [C]. In Proceedings of the IEEE Computer Society Symposium on Research in Security and Privacy, 1994:14-28.
[11]Mao W B, Colin B. Towards formal analysis of safty protocols [C], In Computer Security Foundations Workshop Ⅵ, IEEE Computer Society Press,1998,4:147-158.
[12]Hoare C. Communicating sequential processes [J]. Communications of the ACM,1978,21(8): 666-677.
[13]Lowe G. Breaking and fixing the Needham-Schroeder public-key protocol using FDR [J]. Software Concepts and Tools,1996,17(3):93-102.
[14]Basin D, Moedersheim S, Vigano L. OFMC:A symbolic model checker for security protocols [J]. International Journal of Information Security,2005,4(3):181-208.
[15]Mitchell J, Mitchell M, Stern U. Automated analysis of cryptographic protocols using Murphi [C]. In Proceedings of the 1997 IEEE Computer Society Symposium on Research in Security and Privacy,1997:141-151.
[16]Woo T, Lam S. A lesson on authentication protocol design [J]. Operating Systems Review, 1994,28(3):24-37.
[17]Millen J, Clark S, Freedman S. The Interrogator:Protocol security analysis [J]. IEEE Transactions on Software Engineering,1987,13(2):274-288.
[18]Meadows C. The NRL protocol analyzer:An overview [J]. Journal of Logic Programming, 1996,26(2):113-131.
[19]Paulson L C. Mechanized proofs for a recursive authentication protocol [C]. In Proceedings of the 10th IEEE Computer Security Foundations Workshop, Los Alamitos:IEEE Computer Society Press,1997:84-94.
[20]Paulson L C. The inductive approach to verifying cryptographic protocols [J]. Journal of Computer Security,1998,6(1-2):85-128.
[21]Thayer F J, Herzog J C, Guttman J D. Strand spaces:Proving security protocols correct [J]. Journal of Computer Security,1999,7(2):191-230.
[22]Canetti, R. Universally composable security:a new paradigm for cryptographic protocols [C]. In Proceedings of the 42nd IEEE Symposium on Foundations of Computer Science,2001: 136-145.
[23]Abadi M, Gordon A D. A calculus for cryptographic protocols:The spi calculus [C]. In Proceedings of the 4th ACM Conference on Computer and Communications Security,1997: 36-47.
[24]Lamport L. Password authentication with insecure communication [J]. Communications of the ACM,1981,24(11):770-772.
[25]Wu T C, Sung H S. Authenticating passwords over an insecure channel [J].Computer & Security,1996,15(5):431-439.
[26]Peyravian M, Zunic N. Methods for protecting password transmission [J]. Computer & Security,2006,19(5):466-469.
[27]Chang C C, Lee C Y, Chiu Y C. Enhanced authentication scheme with anonymity for roam-ing service in global mobility networks [J]. Computer Communications,2009,2(4): 611-618.
[28]Hwang M S, Li L H. A new remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics,2000,46(1):28-30.
[29]ElGamal T. A public-key cryptosystem and a signature scheme based on discrete logarithms [J]. IEEE Transactions on Information Theory,1985,31(4):469-472.
[30]Sun H M. An efficient remote use authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics,2000,46(4):958-961.
[31]Chien H Y, Jan J K, Tseng Y M. An efficient and practical solution to remote authentication: smart card [J]. Computer & Security,2002,21(4):372-375.
[32]Ku W C, Chen S M. Weaknesses and improvements of an efficient password based remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2004,50(1):204-207.
[33]Yoon E J, Ryu E K, Yoo K Y. Further improvement of an efficient password based remote user authentication scheme using smart cards [J]. IEEE Transactions on Consumer Electronics, 2004,50(2):612-614.
[34]Wang X M, Zhang W F, Zhang J S, Khan M K. Cryptanalysis and improvement on two efficient remote user authentication scheme using smart cards [J]. Computer Standard & Interfaces,2007,29(5):507-512.
[35]Chen T H, Hsiang H C, Shih W K. Security enhancement on an improvement on two remote user authentication schemes using smart cards [J]. Future Generation Computer Systems, 2011,27(4):377-380.
[36]Song R. Advanced smart card based password authentication protocol [J]. Computer Standards & Interfaces,2010,32(5-6):321-325.
[37]Hopper N J, Blum M. Secure human identification protocols [C]. In Proceedings of 7th International Conference on the Theory and Application of Cryptology and Information Security,2001:52-66.
[38]Gilbert H, Matthew R, Sibert H. An active attack against HB+:a provably secure lightweight authentication protocol [J]. IEEE Electronics Letters,2005,41(21):1169-1170.
[39]Sarma S E, Weis S A, Engels D W. Radio-frequency identification:secure risks and challenges. RSA Laboratories Cryptobytes,2003,6(1):2-9.
[40]Weis S A, Sarma S E, Rivest R L, Engles D W. Security and privacy aspects of low-cost radio frequency identification systems [C]. In Proceedings of the 1st International Conference on Security in Pervasive Computing.2004:201-212.
[41]周永彬,冯登国.RFID安全协议的设计和分析[J].计算机学报,2006,29(4):581-589.
[42]Lee S M, Hwang Y J, Lee D H. Efficient authentication for low-cost RFID systems [C]. In Proceedings of the International Conference on Computational Science and Its Applications, 2005:619-627.
[43]Molnar D, Soppera A, Wagner D. A scalable, delegatable pseudonym protocol enabling ownership transfer of RFID tags [C]. Selected Areas in Cryptography,2006:276-290.
[44]Van Le T, Burmester M, Medeiros B. Universally composable and forward secure RFID authentication and authenticated key exchange [C]. In Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security,2007:242-252.
[45]Tsudik G. YA-TRAP:yet another trivial RFID authentication protocol [C]. In Proceedings of the 4th annual IEEE International Conference on Pervasive Computing and Communications Workshops,2006:640-651.
[46]Chien H Y. SASI:a new ultralightweight RFID authentication protocol providing strong authentication and strong integrity [J]. IEEE Transactions on Dependable and Secure Computing,2007,4(4):337-340.
[47]Cao T, Bertino E, Lei H. Security analysis of the SASI protocol [J]. IEEE Transactions on Dependable and Secure Computing,2009,6(1):73-77.
[48]Kim H S, Choi J Y. The design and verification of RFID authentication protocol for ubiquitous computing [C]. In Proceedings of the 18th International Workshop on Database and Expert Systems Applications,2007:693-697.
[49]Burmester M, Van Le T, Medeiros B. Provably secure ubiquitous systems:Universally composable RFID authentication protocols [C]. In Proceedings of the 2nd International Conference on Security and Privacy in Networks,2006:176-186.
[50]Burmester M, Medeiros B D, Motta R. Provably Secure Grouping-Proofs for RFID Tags [J]. Smart Card Research and Advanced Applications,2008,5189:176-190.
[51]邓淼磊,黄照鹤,周利华等.认证协议中数据同步的分析[J].计算机科学,2010,37(3):83-85.
[52]Ingemarsson I, Tang D, Wong C. A conference key distribution system [J]. IEEE Transactions on Information Theory,1982,28(5):714-720.
[53]Steiner M, Tsudik G, Waidner M. Diffie-Hellman key distribution extended to group communication [C]. In Proceedings of the 3rd ACM conference on Computer and communications security,1996:31-37.
[54]Ateniese G, Steiner M, Tsudik G New Multi-party authenticated services and key agreement protocols [J]. Journal of Selected Areas in Communications,2000,18(4):1-13.
[55]Pereira O, Quisquater J. A security analysis of the Cliques protocol suite [C]. In Proceedings of CSFM'01, IEEE Computer Society Press,2001:73-81.
[56]Bresson E, Chevassut O, Pointcheval D, Quisquater J. Provably authenticated group Difffie-Hellman key exchange [C]. In Proceedings of the 8th ACM conference on Computer and Communications Security,2001:255-264.
[57]Bresson E, Chevassut O, Pointcheval D. Provably authenticated group Diffie-Hellman key exchange-the dynamic case [C]. In Proceedings of AsiaCrypt'01,2001,2248:290-309.
[58]Bresson E, Chevassut O, Pointcheval D. Dynamic group Diffie-Hellman key exchange under standard assumptions [C]. In Proceedings of EuroCrypt'02,2002,2332:321-336.
[59]Bresson E, Chevassut O, Pointcheval D. Group Diffie-Hellman key exchange secure against dictionary attacks [C]. In Proceedings of AsiaCrypt'02,2002,2501:497-514.
[60]Kim Y, Perrig A, Tsudik G Tree based group key agreement [J]. ACM Transaction on Information System Security,2004,7(1):60-96.
[61]Nalla D, Reddy K. ID-based tripartite authenticated key agreement protocols from pairings [J]. Available at http://eprint.iacr.org/2003/004
[62]Smart N P. An Identity-based Authenticated Key Agreement Protocol Based on the Weil Pairing [J]. Electronic Letters,2002,38(13):630-632.
[63]Barua R, Dutta R, Sarkar P. Extending Joux protocol to multi-party key agreement [C]. In Proceedings of Indocrypt'03,2003:205-217
[64]Dutta R, Barua R. Dynamic group key agreement in tree-based setting [C]. In Proceedings of Information Security and Privacy,2005:101-112
[65]Burmester M, Desmedt Y. A secure and efficient conference key distribution system [C]. In Proceedings of EuroCrypt'94,1994:275-286.
[66]Katz J, Yung M. Scalable protocols for authenticated group key exchange [C]. In Proceedings of Crypt'03,2003,2729:10-125.
[67]Choi K, Hwang J, Lee D. Efficient ID-based group key agreement with Bilinear maps [C]. In Proceedings of Public Key Cryptography,2004,2947:130-144.
[68]F. Zhang, X. Chen. Attack on an ID-based authenticated group key agreement scheme from PKC 2004 [J]. Information Processing Letters,2004,91(4):191-193.
[69]Dutta R, Barua R.Constant round dynamic group key agreement [J]. Information Security, 2005,3650:74-88.
[70]Gorantla M, Boyd C, Nieto J, Manulis M. Generic one round group key exchange in the standard model [C]. In Proceedings of Information, Security and Cryptology,2009,5984: 1-15.
[71]Gorantla M, Boyd C, Nieto J. One round group key exchange with forward security in the standard model [R]. IACR ePrint, Report 2010/083, http://eprint.iacr.org/2010/083.pdf.
[72]Wu Q, Mu Y, Susilo W, Qin B, Domingo-Ferrer J. Asymmetric group key agreement [C]. In Proceedings of EuroCrypt' 09,2009,5479:153-170.
[73]Zhang L, Wu Q, Qin B, Domingo-Ferrer J. Identity-based authenticated asymmetric group key agreement protocol [R]. IACR ePrint, http://eprint.iacr.org/2010/209.pdf.
[74]闵嗣鹤,严士健.初等数论(第三版)[M].北京:高等教育出版社,2006.
[75]王育民,刘建伟.通信网的安全—理论与技术[M].西安:西安电子科技大学出版社.2008.
[76]丘维声.抽象代数基础[M].北京:高等教育出版社,2003.
[77]Goldreich O.计算复杂性[M].北京:人民邮电出版社,2010.
[78]Tuchman W. Hellman presents no shortcut solutions to the DES [J]. IEEE Spectrum,1979, 16(7):40-41.
[79]Daemen J, Rijmen V. AES proposal:Rijnael [R].1998, Available at http://ftp.csci.csusb.edu/ ykarant/courses/w2005/csci531/papers/Rijndael.pdf
[80]祝跃飞,张亚娟.公钥密码学设计原理于可证安全[M].北京:高等教育出版社,2010.
[81]Rivest R L, Shamir A, Adleman L. A method for obtaining digital signatures and public-key cryptosystems [J]. Communications of the ACM-Special 25th Anniversary Issue,1983, 26(1):120-126.
[82]ElGamal T. A public-key cryptosystem and a signature scheme based on discrete logarithms [J]. IEEE Transactions on Information Theory,1985, IT-31(4):469-472.
[83]Koblitz N. Elliptic curve cryptosystems [J]. Mathematics of Computation,1987,48:203-209.
[84]Wang S J, Chang J F. Smart card based secure password authentication scheme [J]. Computers and Security,1999,15(3):231-237.
[85]Selimis G, Fournaris A, Kostopoulos G, Koufopavlou O. Software and hardware issues in smart card technology [J]. IEEE Commmunicaiton Surveys & Tutorials,2009,11(3): 143-152.
[86]Chandramouli R, Lee P. Infrastructure standards for smart ID card deployment [J]. IEEE Security & Privacy,2007,5(2):92-96.
[87]Lim C H, Dan Y H, Lau K T, Choo K Y. Smart card reader [J]. IEEE Transactions on Consumer Electronics,1993,39(1):6-12.
[88]Smith M T. Smart cards:integrating for portable complexity [J]. Computer,1998,31(8): 110-112,115.
[89]Schneier B. Applied cryptography, protocols, algorithms, and source code in C [M]. John Wiley and Sons Inc.,2nd Edition, New York, U.S.A.,1996.
[90]Lee N Y, Chiu Y C. Improved remote authentication scheme with smart card [J].Computer Standards & Interfaces,2005,27(2):177-180.
[91]Chang C C, Lee J S. An efficient and secure remote authentication scheme using smart cards [J]. Information & Security,2006,18:122-133.
[92]Xu J, Zhu W T, Feng D G. An improved smart card based password authentication scheme with provable security [J]. Computer Standards & Interfaces,2009,31(4):723-728.
[93]Xiao Y, Shen X, Sun B, Cai L. Security and privacy in RFID and applications in telemedicine [J]. IEEE Communication Magazine,2006,44(4):64-72.
[94]Tan C C, Bo S, Qun L. Secure and serverless RFID authentication and search protocols [J]. IEEE Transactions on Wireless Communications,2008,7(4):1400-1407.
[95]Liu A X, Bailey L A, PAP:A privacy and authentication protocol for passive RFID tags [J]. Computer Communications,2009,32(7-10):1194-1199.
[96]Kang S Y, Lee G G, Lee I Y. A study on secure RFID mutual-authentication scheme in pervasive computing environment [J].Computer Communications,2008,31(18):4248-4254.
[97]Ryu E K, Takagi T. A hybrid approach for privacy-preserving RFID tags [J]. Computer Standard & Interfaces,2009,31(4):812-815.
[98]Yeh T C, Wu C H, Tseng Y M. Improvement of the RFID authentication scheme based on quadratic residues [J]. Computer Communications,2011,34(3):337-341.
[99]Chien H Y, Huang C W. A Lightweight authentication protocol for low-cost RFID [J]. Journal of Signal Processing System 2010,59:95-102.
[100]Chen Y Y, Tsai M L, Jan J. K. The design of RFID access control protocol using the strategy of indenite-index and challenge-response [J]. Computer Communications,2011,34(3): 250-256.
[101]Chien H Y. Secure access control schemes for RFID systems with anonymity [C]. In Proceedings of the 7th International Conference on Mobile Data Management,2006:96-96.
[102]Dimitriou T. A lightweight RFID protocol to protect against traceability and cloning attacks [C]. In Proceedings of the 1st International Conference on Security and Privacy for Emerging Areas in Communications Networks,2005:59-66.
[103]Yang J. Hash-based enhancement of location privacy for radio-frequency identication devices using varying identiers [C]. In Proceedings of the 2nd IEEE Annual Conference on Pervasive Computing and Communications Workshops,2004:149-153.
[104]Avoine G, Oechslin P. A scalable and provably secure hash based RFID protocol [C]. In Proceedings of the 2nd IEEE International Workshop on Pervasive Computing and Communication Security,2005:110-114.
[105]Lee S M, Hwang Y J, Lee D H, Lim J I. Efficient authentication for low-cost RFID systems [C]. In Proceedings of International Conference on Computational Science and Its Applications,2005:619-627.
[106]Safkhani M, Bagheri N, Naderi M. Cryptanalysis of Chen et al.'s RFID access control protocol [R].2011, Cryptology ePrint Archive, GSI, UCL, Louvain-la-Neuve, Belgium Report 194, IACR.
[107]Wong K W. A fast chaotic cryptographic scheme with dynamic look-up table [J].Physics Letters A,2002,298(4):238-242.
[108]Wang X, Zhao J. An improved key agreement protocol based on chaos [J]. Communications in Nonlinear Science and Numerical Simulation,2010,15(12):4052-4057.
[109]Bergamo P, D'Arco P, De Santis A, Kocarev L. Security of public-key cryptosystems based on Chebyshev polynomials [J]. IEEE Transactions on Circuits and Systems Ⅰ:Regular Papers, 2005,52(7):1382-1393.
[110]Zhang L. Cryptanalysis of the public key encryption based on multiple chaotic systems [J]. Chaos, Solitons & Fractals,2008,37(3):669-674.
[111]Xiao D, Liao X, Deng S. One-way Hash function construction based on the chaotic map with changeable-parameter [J]. Chaos, Solitons & Fractals,2005,24(1):65-71.
[112]Cai Y, Wang Y. Identity-based conference key distribution protocol with user anonymity [J]. Chinese Journal of Electronic,2007,16(1):179-181.
[113]Harn L, Lin C. Authenticated group key transfer protocol based on secret sharing [J]. IEEE Transaction on Computers,2010,59(6):842-846.
[114]Kim Y, Perrig A, Tsudik G. Group key agreement efficient in communication [J]. IEEE Transactions on Computers,2004,53(7):905-921.
[115]Tseng Y. An improved conference-key agreement protocol with forward secrecy [J]. Informatica,2005,16(2):275-284.
[116]Jarecki S, Kim J, Tsudik G. Robust group key agreement using short broadcasts [C]. In Proceedings of the 14th ACM Conference on Computer and Communications Security,2007: 411-420.
[117]Steiner M, Tsudik G, Waidner M. Key agreement in dynamic peer groups [J]. IEEE Transactions on Parallel and Distributed Systems,2000,11(8):769-780.
[118]Xiao D, Liao X, Wong K. An efficient entire chaos-based scheme for deniable authentication [J]. Chaos, Solitons & Fractals,2005,23(4):1327-1331.
[119]Bergamo P, D' Arco P, Santis A, Kocarev L. Security of public-key cryptosystems based on Chebyshev polynomials [J]. IEEE Transactions on Circuits and Systems Ⅰ:Regular Papers, 2005,52(7):1382-1393.
[120]Alvarez G Security problems with a chaos-based deniable authentication scheme [J]. Chaos, Solitons & Fractals,2005,26(1):7-11.
[121]Xiao D, Liao X, Deng S. A novel key agreement protocol based on chaotic maps [J]. Information Science,2007,177(4):1136-1142.
[122]Han S. Security of a key agreement protocol based on chaotic maps [J]. Chaos, Solitons & Fractals,2008,38(3):764-768.
[123]D. Xiao, X. Liao and S. Deng, Using time-stamp to improve the security of a chaotic maps-based key agreement protocol [J]. Information Science,2008,17(6):1598-1602.
[124]Han S, Chang E. Chaotic map based key agreement with/out clock synchronization [J].Chaos, Solitons & Fractals,2009,39(3):1283-1289.
[125]Xiao D, Liao X, Deng S. One-way hash function based on the chaotic map with changeable-parameter [J]. Chaos, Solitons & Fractals,2005,24(1):65-71.
[126]Guo X, Zhang J. Secure group key agreement protocol based on chaotic hash [J]. Information Sciences,2010,180(20):4069-4074.
[127]Kim Y, Perrig A, Tsudik G. Simple and fault-tolerant key agreement for dynamic collaborative groups [C]. In Proceedings of 7th ACM Conference on Computer and Communications Security,2000:235-244.
[128]Tzeng W. A secure fault-tolerant conference-key agreement protocol [J]. IEEE Transactions on Computers,2002,51(4):373-379.
[129]Tseng Y. A communication-efficient and fault-tolerant conference-key agreement protocol with forward secrecy [J]. Journal of Systems and Software,2007,80(7):1091-1101.
[130]Huang K, Chung Y, Lee H, Lai F, Chen T S. A conference key agreement protocol with fault-tolerant capability [J]. Computer Standards and Interfaces,2009,31(2):401-405.
[131]Zhao J, Gu D, Li Y. An efficient fault-tolerant group key agreement protocol [J]. Computer Communications,2010,33(7):890-895.
[132]Hietalahti M. Efficient key agreement for ad hoc networks, Master's Thesis, VHelsinki University of Technology, Department of Computer Science and Engineering, Espoo, Finland, 2001
[133]Sun H, Chen C, Shieh C. Flexible-pay-per-channel:Anew model for content access control in pay-TV broadcasting systems [J]. IEEE Transactions on Multimedia,2008,10(6):1109-1120.
[134]Katz J, Yung M. Scalable protocol for authenticated group key exchange [J]. Journal of Cryptology 2007,20(1):85-113.
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |