利用垂直阵列构作Cartesian认证码

利用垂直阵列构作了一类Cartesian认证码,计算了它们的参数,并且在编码规则按等概率分布选取时,成功的模仿攻击和成功的替换攻击概率也被算出。     

最优带仲裁认证码

本文研究带仲裁认证码（亦称A^2-码）。一个A^2-码，当它的欺骗攻击成功概率达到信息论下界且密钥长度也达到最小时称为是最优的。本文给出最优A^2-码的组合结构的特征，从而将构造最优A^2-码的问题归结为构造相应的一类组合设计的问题。     

基于OpenRadius实现有线宽带用户接入认证

在Solaris环境下,利用OpenRadius架设RADIUS服务器,并结合OpenLdap,实现广电宽带城域网PPPOE用户接入认证。     

两个基于身份的数字签名方案的安全性改进

分析了文献[1]提出的两个基于用户身份的数字签名方案，发现其一般签名方案存在安全性缺陷，在此基础上建立了多重签名方案，但此方案也是不安全的。本文给出了改进的签名和多重签名方案。     

针对钓鱼攻击的防范技术研究

论文从网络攻击的角度,提炼出了三种钓鱼攻击的模型,并对其实现机理、关键技术进行了比较详细的剖析。然后,针对钓鱼攻击本身的特点,提出了一种同时具备双因素认证和双向认证优点的认证模型来防御钓鱼攻击。     

一种可靠多播认证方案及其C语言实现

传统的认证技术对于多播认证并不适用,因为多播认证有它自身的特殊要求。论文介绍了两种针对多播认证特点的解决方案,并结合两种方案的特点阐述了一种改进的适合可靠多播的认证方案,最后给出了C语言的实现。     

Secure communication in CloudIoT through design of a lightweight authentication and session key agreement scheme

Internet of Things (IoT) is a newly emerged paradigm where multiple embedded devices, known as things, are connected via the Internet to collect, share, and analyze data from the environment. In order to overcome the limited storage and processing capacity constraint of IoT devices, it is now possible to integrate them with cloud servers as large resource pools. Such integration, though bringing applicability of IoT in many domains, raises concerns regarding the authentication of these devices while establishing secure communications to cloud servers. Recently, Kumari et al proposed an authentication scheme based on elliptic curve cryptography (ECC) for IoT and cloud servers and claimed that it satisfies all security requirements and is secure against various attacks. In this paper, we first prove that the scheme of Kumari et al is susceptible to various attacks, including the replay attack and stolen-verifier attack. We then propose a lightweight authentication protocol for secure communication of IoT embedded devices and cloud servers. The proposed scheme is proved to provide essential security requirements such as mutual authentication, device anonymity, and perfect forward secrecy and is robust against security attacks. We also formally verify the security of the proposed protocol using BAN logic and also the Scyther tool. We also evaluate the computation and communication costs of the proposed scheme and demonstrate that the proposed scheme incurs minimum computation and communication overhead, compared to related schemes, making it suitable for IoT environments with low processing and storage capacity.     

A post quantum secure construction of an authentication protocol for satellite communication

Satellite's communication system is used to communicate under significant distance and circumstances where the other communication systems are not comfortable. Since all the data are exchanged over a public channel, so the security of the data is an essential component for the communicating parties. Both key exchange and authentication are two cryptographic tools to establish a secure communication between two parties. Currently, various kinds of authentication protocols are available to establish a secure network, but all of them depend on number–theoretical (discrete logarithm problem/factorization assumption) hard assumptions. Due to Shor's and Grover's computing algorithm number theoretic assumptions are breakable by quantum computers. Although Kumar and Garg have proposed a quantum attack-resistant protocol for satellite communication, it cannot resist stolen smart card attack. We have analyzed that how Kumar and Garg is vulnerable to the stolen smart card attack using differential power analysis attack described in He et al and Chen and Chen. We have also analyzed the modified version of signal leakage attack and sometimes called improved signal leakage attack on Kumar and Garg's protocol. We have tried to construct a secure and efficient authentication protocol for satellites communication that is secure against quantum computing. This is more efficient as it requires only three messages of exchange. This paper includes security proof and performance of the proposed authentication and key agreement protocol.     

强口令认证协议的组合攻击

基于强口令的身份认证机制是目前身份认证技术发展的一个重要方向.本文对IEICE上新近提出的一个优化强口令身份认证协议OSPA(Optimal Strong-Password Authentication)进行了分析,并利用本文首次提出的组合攻击方法对其进行了有效攻击.攻击结果表明该协议对凭证被窃问题、中间人攻击、重放攻击和拒绝服务攻击是脆弱的.     

Authorship verification using deep belief network systems

This paper explores the use of deep belief networks for authorship verification model applicable for continuous authentication (CA). The proposed approach uses Gaussian units in the visible layer to model real‐valued data on the basis of a Gaussian‐Bernoulli deep belief network. The lexical, syntactic, and application‐specific features are explored, leading to the proposal of a method to merge a pair of features into a single one. The CA is simulated by decomposing an online document into a sequence of short texts over which the CA decisions happen. The experimental evaluation of the proposed method uses block sizes of 140, 280, 500 characters, on the basis of the Twitter and Enron e‐mail corpuses. Promising results are obtained, which consist of an equal error rate varying from 8.21% to 16.73%. Using relatively smaller forgery samples, an equal error rate varying from 5.48% to 12.3% is also obtained for different block sizes.