无线传感器网络下多因素身份认证协议的内部人员攻击
作者:
作者单位:

作者简介:

李文婷(1990-),女,山东青岛人,博士生,CCF学生会员,主要研究领域为公钥密码学,信息安全;王平(1961-),男,博士,教授,博士生导师,CCF专业会员,主要研究领域为信息安全,系统软件,物联网软件;汪定(1985-),男,博士,讲师,CCF专业会员,主要研究领域为公钥密码学,信息安全.

通讯作者:

王平,E-mail:pwang@pku.edu.cn

中图分类号:

TP309

基金项目:

国家重点研发计划(2016YFB0800603,2017YFB1200700);国家自然科学基金(61802006)


Insider Attacks Against Multi-factor Authentication Protocols for Wireless Sensor Networks
Author:
Affiliation:

Fund Project:

National Key Research and Development Program of China (2016YFB0800603, 2017YFB1200700); National Natural Science Foundation of China (61802006)

  • 摘要
  • |
  • 图/表
  • |
  • 访问统计
  • |
  • 参考文献
  • |
  • 相似文献
  • |
  • 引证文献
  • |
  • 资源附件
  • |
  • 文章评论
    摘要:

    无线传感器网络技术一经提出,迅速得到学术界、工业界的广泛关注,在国防军事、环境监测、智能家居、健康护理等领域发挥着重要作用.身份认证是保障无线传感器网络实时访问的关键安全技术.基于增强的攻击者模型,提出一种被长期忽略的内部攻击威胁,对无线传感器网络环境下的两个代表性认证协议进行了安全性分析.指出Mir等人的协议无法抵抗内部攻击和智能卡丢失攻击,且未实现前向安全性;指出Fang等人的协议同样无法实现所声称的前向安全性特性,且对内部攻击和智能卡丢失攻击是脆弱的.针对协议具体失误之处,提出相应的解决方案.总结了7类应对内部攻击的解决方案.指出了现有方法的不足,提出了合理的解决方案.

    Abstract:

    Once after the wireless sensor network technology was proposed, it quickly gained wide attention from the academic and industrial areas, and played a major role in the defense military, environmental monitoring, smart home, health care, and other fields. User authentication is becoming an essential mechanism for real-time access in wireless sensor networks. Based on the enhanced adversary model, a kind of insider attack is pointed out, of which it has been neglected for a long time. Then, two foremost authentication protocols are cryptanalyzed for wireless sensor networks environment. Two more things are point out as well. (1) Mir et al.'s protocol cannot resist against insider attack and smart card loss attack, and it also cannot provide forward secrecy; (2) Fang et al.'s protocol cannot achieve the claimed goal of forward secrecy and is vulnerable to insider attack and smart card loss attack. It is suggested that a reasonable solution according to the specific mistakes in their protocol and seven solutions in the existing literatures are summarized for dealing with insider attack. Furthermore, the deficiencies of existing methods are pointed out and a reasonable solution is given to resist insider attack.

    参考文献
    相似文献
    引证文献
引用本文

李文婷,汪定,王平.无线传感器网络下多因素身份认证协议的内部人员攻击.软件学报,2019,30(8):2375-2391

复制
分享
文章指标
  • 点击次数:
  • 下载次数:
  • HTML阅读次数:
  • 引用次数:
历史
  • 收稿日期:2018-05-31
  • 最后修改日期:2018-09-21
  • 录用日期:
  • 在线发布日期: 2019-04-03
  • 出版日期:
您是第位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号